Is there any way to give and application API access to JIRA with giving them an admin account? Is there a way to limit the account so it can not be used to log into JIRA directly?
We are trying to control who has admin access to our JIRA instance to prevent unexpected/unwanted changes to our JIRA configuration. Once we give out an admin account for use in API scripting, we have no way of controling who has access to the account name and password. How do we mitigate the risk?
Community moderators have prevented the ability to post new answers.
I'm not sure what you mean by "API Access".
You don't need to give out admin accounts for REST/SOAP - they respect the users permissions, and don't need admin access at all. Unless you're doing admin stuff with them.
If by "API", you mean the internal stuff, then you need admin rights to install plugins, but not to use them (or even write them)
Nic,
I am told the issue is with getCustomFields()
My user is using SOAP to conncect Perforce to JIRA via a Perforce plugin.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ok. You don't need admin access to use SOAP, or that call. Just use an unprivileged account.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Nic,
An error is being thrown when they try to run the service:
Version:1.0 StartHTML:0000000149 EndHTML:0000006087 StartFragment:0000000199 EndFragment:0000006053 StartSelection:0000000199 EndSelection:0000006053 Jan 24, 2013 9:42:59 AM com.perforce.p4dtg.plugin.jira.soap.RequestHandler initDefectBatch
INFO: JIRA query batch size is set to: 100
Jan 24, 2013 9:43:00 AM org.apache.axis.utils.JavaUtils isAttachmentSupported
WARNING: Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart). Attachment support is disabled.
Jan 24, 2013 9:43:04 AM com.perforce.p4dtg.plugin.jira.soap.BaseHelper getCustomFieldsMap
SEVERE: com.atlassian.jira.rpc.exception.RemotePermissionException: Remote custom fields can only be retrieved by an administrator.
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: com.atlassian.jira.rpc.exception.RemotePermissionException: Remote custom fields can only be retrieved by an administrator.
faultActor:
faultNode:
faultDetail:
{}com.atlassian.jira.rpc.exception.RemoteException:null
{http://xml.apache.org/axis/}hostname:(redacted)
com.atlassian.jira.rpc.exception.RemotePermissionException: Remote custom fields can only be retrieved by an administrator.
.
.
.
.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ah, I see, it's trying to get the list of custom fields, it's not just working with issues.
You need to adjust the plugin so that it stops asking for the list.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.