It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

API access without admin account

JT Jan 21, 2013

Is there any way to give and application API access to JIRA with giving them an admin account? Is there a way to limit the account so it can not be used to log into JIRA directly?

We are trying to control who has admin access to our JIRA instance to prevent unexpected/unwanted changes to our JIRA configuration. Once we give out an admin account for use in API scripting, we have no way of controling who has access to the account name and password. How do we mitigate the risk?

1 answer

1 accepted

0 votes
Answer accepted
Nic Brough [Adaptavist] Community Leader Jan 21, 2013

I'm not sure what you mean by "API Access".

You don't need to give out admin accounts for REST/SOAP - they respect the users permissions, and don't need admin access at all. Unless you're doing admin stuff with them.

If by "API", you mean the internal stuff, then you need admin rights to install plugins, but not to use them (or even write them)

JT Jan 22, 2013

Nic,

I am told the issue is with getCustomFields()

My user is using SOAP to conncect Perforce to JIRA via a Perforce plugin.

Nic Brough [Adaptavist] Community Leader Jan 22, 2013

Ok. You don't need admin access to use SOAP, or that call. Just use an unprivileged account.

JT Jan 23, 2013

Nic,

An error is being thrown when they try to run the service:

Version:1.0 StartHTML:0000000149 EndHTML:0000006087 StartFragment:0000000199 EndFragment:0000006053 StartSelection:0000000199 EndSelection:0000006053 Jan 24, 2013 9:42:59 AM com.perforce.p4dtg.plugin.jira.soap.RequestHandler initDefectBatch
INFO: JIRA query batch size is set to: 100
Jan 24, 2013 9:43:00 AM org.apache.axis.utils.JavaUtils isAttachmentSupported
WARNING: Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart). Attachment support is disabled.
Jan 24, 2013 9:43:04 AM com.perforce.p4dtg.plugin.jira.soap.BaseHelper getCustomFieldsMap
SEVERE: com.atlassian.jira.rpc.exception.RemotePermissionException: Remote custom fields can only be retrieved by an administrator.
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: com.atlassian.jira.rpc.exception.RemotePermissionException: Remote custom fields can only be retrieved by an administrator.
faultActor:
faultNode:
faultDetail:
{}com.atlassian.jira.rpc.exception.RemoteException:null
{http://xml.apache.org/axis/}hostname:(redacted)

com.atlassian.jira.rpc.exception.RemotePermissionException: Remote custom fields can only be retrieved by an administrator.
.

.

.

.


Nic Brough [Adaptavist] Community Leader Jan 23, 2013

Ah, I see, it's trying to get the list of custom fields, it's not just working with issues.

You need to adjust the plugin so that it stops asking for the list.

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Posted in United States

Topic Tuesday: Agile

Another week, another Topic Tuesday!  Agile has been on my mind a lot lately because I've seen good implementations and bad implementations, but now as a Jira admin it matters more to me whether...

14 views 0 0
View post

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you