I'm developing an application that integrates with Jira and requires access to user data through the Jira REST API. The standard approach is to implement OAuth 2.0, where the user clicks a link, consents to the app accessing their data, and is redirected back to my app with a code. I then exchange that code for an access token, which allows my application to interact with the Jira API on the user's behalf (e.g., retrieving issues and requests).
However, in our company all applications, including Jira, are integrated with Google SSO. Users are required to authenticate with their Google accounts (managed via our organization's) in every app.
Given that users are already authenticated with their Google accounts, which are also used to access Jira, I wanted to ask:
Is it possible to streamline the integration between my app and Jira so that users do not have to authorize the connection via OAuth 2.0, since they are already authenticated via Google SSO? In other words, is there a way to leverage the existing Google session to avoid requiring users to manually link their Jira account to my app, or is the standard Jira OAuth flow still required for API access even when Google SSO is enforced?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.