Hello all,
we are having trouble querying the JIRA rest api with JWT authentication (from an addon for JIRA Cloud which we created). When we started integrating, we received a couple of error message, which we fixed fast. So we would expect, if there is still something wrong with the call (i.e. canonical query string hash, JWT format, rights), we would get more.
Fact is, we do a call like
GET&/rest/api/2/project&
and receive
[]
So it looks like an empty JSON. We have multiple projects in the cloud instance we query (we can query rest API for this instance via classic user authentication), so this should not be empty.
Some other noteworthy information:
Anyone got an idea what the reason is for this? Or is there any place to look in JIRA Cloud for failed api calls?
Community moderators have prevented the ability to post new answers.
After reading this thread it seems that it is possible to to authenticate a rest request to the JIRA api - would anyone have some sample config / instructions on how to implement this ?
The API guide can be found here:
https://docs.atlassian.com/jira/REST/cloud/
The authentication process links can be found there, too.
Some examples:
https://developer.atlassian.com/jiradev/jira-apis/jira-rest-apis/jira-rest-api-tutorials
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Nevermind, we figured it out. Problem was, when creating the canonical query string we also included POST params, this caused a 401 error on the JIRA side.
Thanks all for your help, now all api calls run smoothly.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You are partly right, Mark. Descriptor declaration for these flags is as follows:
"authentication": { "type": "jwt" }, "scopes": [ "read", "write" ],
This should be sufficient for querying Projects list.
We were able to solve our problem in the first place now. As of the documentation, you need to place the JWT token in an Authentication header, which we did. And according to what you said (that you get an empty JSON object if you are not logged it) we thought it might be an authorisation problem. Attaching the jwt parameter to the URL worked out. Now we are able to query the API with the JWT authentication.
BUT: it only works when doing GET requests. If you are doing POST the results are strange:
So how are we supposed to place the JWT token in the request when doing POST requests?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
There is no addon user. If you use JWT, authentication is done via token, not user credentials. So the rights you have on certain objects in JIRA through API calls via JWT is dependant on scope declaration in the JSON addon descriptor.
But thanks for your suggestion.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
What level of permissions does each project require in order to view them? Ensure that the add-on user has the permissions required to view the projects since if that user cannot see the project you will get an empty result.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
What is the value of scopes and authentication in your Connect descriptor (atlassian-connect.json) file?
Notice that you get an empty JSON array if you access /rest/api/2/project when you are not logged in:
It could be that you don't have the proper access setup in your Connect descriptor.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Community moderators have prevented the ability to post new answers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.