From 9c2746edbe0ff038e4c97c02c4506556625dd022 Mon Sep 17 00:00:00 2001
From: "Sokunrotanak Srey (Rotanak)" <sokunrotanak.srey@gmail.com>
Date: Mon, 18 Dec 2023 08:43:15 +0000
Subject: [PATCH] Add gitlab.com as proxy security concern

---
 doc/administration/settings/jira_cloud_app.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/doc/administration/settings/jira_cloud_app.md b/doc/administration/settings/jira_cloud_app.md
index 26e26ac8f039..c87c7c62a3a2 100644
--- a/doc/administration/settings/jira_cloud_app.md
+++ b/doc/administration/settings/jira_cloud_app.md
@@ -249,6 +249,16 @@ Other GitLab instances that use the proxy must configure the following settings
 
 The GitLab for Jira Cloud app connects GitLab and Jira. Data must be shared between the two applications, and access must be granted in both directions.
 
+### Using GitLab.com as a proxy
+
+When you use [GitLab.com as a proxy](#configure-your-gitlab-instance-to-serve-as-a-proxy),
+the Jira access token is shared with GitLab.com.
+
+The Jira access token is stored on GitLab.com because the token must be used to verify
+incoming requests from Jira before the requests are sent to your self-managed instance.
+The token is encrypted and is not used to access data in Jira.
+Any data from your self-managed instance is sent directly to Jira.
+
 ### Access to GitLab through OAuth
 
 GitLab does not share an access token with Jira. However, users must authenticate through OAuth to configure the app.
-- 
GitLab