Hello,
I'm gonna preface this with saying I'm very new to forge development (never used it before) and not a programmer in general. With that out of the way, I'm wanting to make a small forge app to index JIRA space properties so I can use them in JQL.
Context for wanting to do this is I was using a third party plugin that allows creating JIRA project properties and the properties created through that plugin are automatically indexed and JQL-able. That plugin was free when I was testing it in my sandbox environment, however it is now a paid plugin. I am trying to recreate just the indexing portion of this to see if I can do it without buying the plugin.
My vision for this is I'm wanting to create three JIRA space properties and populate them for every space in my JIRA cloud instance. I've already defined what my properties should be, how I intend to populate them for the initial push via REST API (already have the code written there), and how to manage them ongoing via JIRA automation rules (also written).
My research has led me to the conclusion that the only way to get these space properties (without a third party plugin) indexed so they can be used in JQL is through a Connect or Forge app, I also understand Atlassian is moving away from Connect altogether in favor of forge.
With all that said, IT had instructed me to use OAuth 2.0 (3LO) (https://developer.atlassian.com/cloud/jira/software/oauth-2-3lo-apps/) instead of an API token directly (https://developer.atlassian.com/platform/forge/getting-started/) that the tutorial linked points to using.
I can't find instructions on using this type of authentication as opposed to an API token for creating the app, and I think the OAuth 2.0 is only for API calls made by the app AFTER it's created. Am I misunderstanding this? Can anyone point me to how this can be accomplished if I'm mistaken please?
Also if there's a way to avoid the forge app altogether and index the space properties via Rest API or Scriptrunner, I'll go for that.
Thanks in advance for any guidance,
Pierre
Hi @Pierre Ibrahim , to add to zoltanersek's answer: you're not misunderstanding OAuth 2.0 3LO, you're right that it's for calls made after the app exists, and it doesn't even apply here. The API token the getting started tutorial points to is only for "forge login", authenticating the CLI to your own Atlassian account while you develop and deploy. It has nothing to do with how the deployed app talks to Jira at runtime. At runtime a Forge app uses the built in asApp/asUser bridge (requestJira), which Atlassian authenticates for you, no OAuth flow to build yourself. 3LO is for a separate, standalone app calling the Cloud REST API directly from its own server, which isn't your case.
Your research is also correct that this needs a Forge or Connect app specifically. Indexing a property for JQL is done through the jira:entityProperty manifest module, there's no REST endpoint or ScriptRunner path that registers that indexing, it has to be declared in an app's manifest.
Since you're already populating and maintaining the properties yourself through REST API and automation rules, the Forge app itself can be just this manifest declaration, no request code, no auth logic needed inside it at all.
if your Forge app needs to call Atlassian APIs on behalf of a user, you would typically use Forge's built-in auth (requestJira) rather than implementing OAuth 2.0 (3LO) yourself. 3LO is mainly for external applications, not for authenticating a Forge app to Atlassian.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.