I have written an application that I and a few colleagues use to regularly fetch our respective work logs from Jira Server and automatically create/update corresponding events in our calendars. Effectively, it's like synchronizing one calendar to the other, only that the source is Jira worklogs instead of a traditional calendar.
As with any such synchronization, you want to minimize latency during the work day, so this application needs to fetch data every few minutes. That's why I made an effort to make the query as efficient as possible by using /worklog/updated and /worklog/list endpoints.
Despite the optimizations mentioned above, the application causes problems for the Jira administrators at my company. While the number of daily requests and their duration / size is fine, it turned out that Jira performs a login for each and every REST request!
Specifically, this causes two different problems for the admins:
This seems to be the case for every REST request that uses bearer authentication using Personal Access Tokens (PATs). The Jira version in use currently is 9.4.27.
I was asked to somehow change this, but I couldn't find a solution!
Has anyone noticed this behavior as well? What am I doing wrong? Is this a bug or known issue in Jira, or some kind of misconfiguration on the server side?
I suspect that this would not happen if I used OAuth instead of PATs. However, I would really like to stick with PATs. They make setup way easier, and after all, they are one of the approaches officially recommended by Atlassian.
Welcome to the community!
You're correct that PATs are recommended and simplify setup. However, the creation of new sessions for each REST API request is expected behavior due to how PATs authenticate. While OAuth avoids this issue by reusing sessions, if you wish to stick with PATs, consider:
Kind Regards
Utkarsh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.