Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Register Webhooks via REST with non-admin-access token

Hosein Nourani
Hosein Nourani September 10, 2022

I am wondering is that possible to register(create) a webhook via REST API when the user-account (who send the request) doesn't have admin access?

In general, What if I ask permission for some scopes during login, user accepts it, but those permissions were not provided by his admin.

example: I asked for manage:jira-webhook, but user doesn't belong to site-admins access group.

 

 

 

Answer
Watch
Like Be the first to like this
1294 views

1 answer

1 accepted

2 votes
Answer accepted
Hana Kučerová
Hana Kučerová
Community Champion
September 11, 2022

Hi @Hosein Nourani ,

if you are logged in to Jira and you are using GUI, you can manage webhooks only if you are Jira administrator. I haven’t test this, but I expect the permissions will be the same for the REST API. So I don’t it is possible.

View More Comments
Hosein Nourani
Hosein Nourani September 11, 2022

Thanks Hana.
So, is that true to say

for creating the webhook via my OAuth2 app, I need a user with admin access level to login?

Like
Hana Kučerová
Hana Kučerová
Community Champion
September 12, 2022

Yes, I believe so, @Hosein Nourani 

Like
Hosein Nourani
Hosein Nourani September 12, 2022

Thanks Hana. I’ll try it.

Like
Mike Chiu
Mike Chiu October 3, 2022

hi @Hana Kučerová Sorry I want to ask a question related to webhook and the permissions required for creating / updating.

I was wondering how can I make sure the oauth(3lo) access token I got with sufficient permissions to register / update / delete webhook?

Based on the how to mentioned in the doc, I can create webhook through GUI or RESTAPI only if the access token granted by the user with Jira Administrators Global Permission.

Then I test creating webhook on GUI, it worked. 

But when I make an API request to `mypermissions` to check my `GLOBAL` permissions, the response looks like I don't Administor permission.

 

Below is the response:

```

{
  "permissions": {
    "ADMINISTER": {
      "id": "0",
      "key": "ADMINISTER",
      "name": "Administer Jira",
      "type": "GLOBAL",
      "havePermission": false
    },
    "SYSTEM_ADMIN": {
      "id": "44",
      "key": "SYSTEM_ADMIN",
      "name": "Jira System Administrators",
      "type": "GLOBAL",
      "havePermission": false
    }

  }

}

```

 

So I was wondering which global permission is related to webhook creation/update/deletion ?

And how can I make sure I can create a webhook before I really make a API request.

Thanks!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security