Hi
I've been searching to what the current setup would be on defining a correct api call to create a simple request in order to create a service request for my application so we can start reporting and collecting incidents.
I struggle to find the latest up-to-date information on how to set this up:
- What is the url to use
- How to authorize my application (OAuth / jwt)
- any other info that you have for me is welcome
(using a React fetch call)
Thanks in advance
On the "How to authorize my application (OAuth / jwt)" part of your question:
You can use basic authorization (API key) or OAuth 2.0 (3LO), but you absolutely should not implement authorization in the React frontend. That is a major security risk, since your token is now exposed to client-side code. That's not good.
If you are building a React app, hide your API Token safely on the backend (Node.js, PHP, etc.). This way you can send request data and make your POST call to JSM API. This hides your sensitive API Token info and enables your authorization to the backend data without any potential exposure risks.
If you are building a Forge app, you API Token is hidden and you do not have to worry about any security risks or sensitive data exposure. The API Token is generated in Profile page (top right, click on your avatar, go to Profile, go to Security. 3rd blue button down.) and is hidden in your app manifest.
Bill absolutely got you the correct endpoint in his previous message. So, you're all set there!
Thanks for the advice, although i am aware of the security risk and it won't be an issue!
I have the api token in the profile page. I think i gave it the right permissions to create requests.
from what i found, for basic authorization that should just be a base 64 encoding of the <user email>:<api token>
But that doesn't work (Jira API error: Client must be authenticated to access this resource.)
There is something that i am missing that i am not aware of but i can't find it
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
What did you find when you searched for that?
Did you find the REST API documentation describing this endpoint, and supporting information for using it: https://developer.atlassian.com/cloud/jira/service-desk/rest/api-group-request/#api-rest-servicedeskapi-request-post
Kind regards,
Bill
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Great, thanks.
That's the api i found, but then i started doubting if it was even the right endpoint.
Also, since i didn't get a correct response, there was no confirmation there that anything was correct.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.