Supported security protocols for Atlassian cloud products

Atlassian uses a cryptographic technology known as Transport Layer Security (TLS) to secure data sent across the internet between our customers and Atlassian cloud products. TLS provides privacy and data integrity through the use of one or more cipher suites. A cipher suite is a combination of authentication, encryption, and message authentication code algorithms used during the negotiation of security settings and the transfer of data.

Atlassian cloud products affected

This affects all secured traffic (HTTPS) to Atlassian cloud products, including:

• Atlassian.com

• Atlassian Marketplace

• Bitbucket Cloud

• Confluence Cloud

• Jira Cloud

• Jira Service Desk

• Statuspage

• Trello

The type of traffic that's impacted includes:

• Atlassian cloud product web interfaces viewed in a browser

• API calls to Atlassian cloud product API endpoints

• Hosted sites on bitbucket.io

• Other HTTPS traffic not listed here

Supported TLS protocols

TLS version 1.2 (or higher) is required for all Atlassian products and services. TLS version 1.1 and lower is unsupported. Any version of SSL is unsupported.

Supported cipher suites

Atlassian cloud products may attempt to negotiate with clients using the following cipher suites. These cipher suites provide a good balance of security and performance while maintaining compatibility with almost every client or browser released in the last five years.