I have a mobile JIRA (web) app, where users log in using their JIRA instance URL, username, and password (because HTTP Basic Auth is the only good auth method).
When they're browsing in the app, sometimes you have to go to the real JIRA, e.g. to download an attachment, or search through worklog history etc. (The app doesn't do everything.)
It's annoying to link to Jira, where they have to log in again, (and then find the relevant issue again, if redirection doesn't work).
Is there an SSO-like solution for this, with the REST API as starting point?
I'm thinking:
- An API endpoint that generates a one-time-login token.
- A redirect to the real JIRA instance, with that token, with a redirect/goto/destination URL.
- The user is now really logged in, and on the correct (issue) page.
I couldn't find anything in the REST API docs, but there might be other ways... I like hackish methods, so don't hesitate. Non-REST-API is fine too. Using a non-standard plugin is not fine.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.