How to create bearer token to make jql queries?

Hi @Leandro Cardoso, the confusion is common because there's no UI flow in Atlassian Cloud labeled "create Bearer token". The way to get a real Bearer token in Cloud is through a Service Account.

The personal API tokens you've been creating only support Basic auth against your-site.atlassian.net (Authorization header with base64 of email:token). They cannot be used as Bearer tokens.

For service-to-service authentication that uses a Bearer token, the setup is:

1. Go to admin.atlassian.com, then Directory, then Service accounts, and create a service account.
2. Open the service account and select Create credentials, then API token. Give it a name, set the expiration (1 to 365 days), and pick the OAuth scopes you need. For JQL search you'll need read:jira-work as a minimum.
3. Use the gateway URL https://api.atlassian.com/ex/jira/{cloudId}/rest/api/3/search with header Authorization: Bearer {your-api-token}.

The Cloud ID is the UUID after /s/ in your admin URL. Don't use the Organization ID, that one returns 404.

Official doc with the full flow and a curl example: Manage API tokens for service accounts

Hey @Leandro Cardoso ,

On top of what German said, I've seen cases where people used Developer console to create a new OAuth 2.0 integration app and used something like that for making endpoint calls and authorizations.
But that might be overkill...

What I actually wanted to share, and it's related to service accounts, are these couple of articles:

• Part 1: What they are (for)
• Part 2: Setting up a Service Account
• Part 3: Service Accounts in Practice

Rebekka did a really good job in explaining service accounts and using them in real-life scenarios, so I believe this could help 📚

Cheers,
Tobi