16

How to create access token for JIRA Rest API? Of relevant data I have

  • User key
  • Private/public key combo

Jira's Rest API Oauth example assumes 3-legged approach, and is very unclear on what the actual parameters to send are (I wish Swagger is more widely used standard!).

In more detail, I have following use-case: When creating new employee in Web Forms (ASPX) portal application I need to create new JIRA account and assign it to project (and role inside the project).

As such I would like to use OAuth2 2-legged authentication to accomplish this. I can probably hack it with Basic Authentication, but I would really like to do it properly.

Problem arises when trying to find code examples that use this approach. .NET examples are really scarce, and even examples in other languages usually use Basic Authentication (username and password transmitted on each call) or few that use 3-legged approach.

I found AnotherJiraRestClient but looking at the code it's using RestClient nuget (this is good) but with HttpBasicAuthenticator (this is bad).

I went through all Authenticators that are on offer and OAuth2AuthorizationRequestHeaderAuthenticator looks promising but it requires me to already have access token. So that is why the question in the end is "How to create access token, using 2-legged approach?"

I already created application link on JIRA's side with this settings:

  • Application Type: Generic Application
  • Outgoing Authentication: (gives 500 server error on Jira's side... but don't think it matters as I am not using it)
  • Incoming Authentication: OAuth
    • Status: Configured
    • Consumer Key: TEST_JIRA_KEY
    • Public Key: ... (generated online private/public key combo)
Igor
  • 2,696
  • 1
  • 18
  • 28
  • Have you found solution? Trying to do similar thing, but kinda stuck with same problems as you – Vilius Aug 10 '16 at 05:59
  • @Vilius Sorry, but no... I just went with Basic Auth... Didn't have the time to spend more on it. – Igor Aug 15 '16 at 10:06

1 Answers1

2

Atlassian currently doesn't support OAuth 2.0, but only 1.0(a).

There is a feature request for this: https://jira.atlassian.com/browse/JRA-43171

I have made an Open Source Jira client in C#, >=.NET 4.5 and fully async (with proxy support), which is available on GitHub and as a NuGet Package. See: https://github.com/dapplo/Dapplo.Jira

Today I added OAuth 1.0a support, which I got working and use the information here for testing: https://bitbucket.org/atlassian_tutorial/atlassian-oauth-examples/src/d625161454d1?at=default I used the public key from that repository to setup a test link on my Jira Cloud server, and use the private key in my test case.

The code for testing is here (it's commented out, as the OAuth process opens a browser, which is bad on the test-server) https://github.com/dapplo/Dapplo.Jira/blob/master/Dapplo.Jira.Tests/JiraOAuthTests.cs

I am still looking at a way to make the certificate/private key reading easier, but in a way this is not the job for the library itself...

If there are any questions, I guess issues on GitHub are the best way to communicate.

Robin Krom
  • 155
  • 6
  • Did you remove OAuth support? The link to the test above doesn't work, and the documentation shows only basic auth. – Scuba Steve Dec 09 '20 at 20:49
  • I refactored some of the code, it ended up here: https://github.com/dapplo/Dapplo.Jira/blob/master/src/Dapplo.Jira.Tests/OAuthTests.cs – Robin Krom Dec 10 '20 at 21:04