Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Can multiple people run an automation using web service macro?

Saira
Contributor
August 14, 2023

Hi,

I have a Jira automation that uses a web service macro. But it uses Basic auth, you have to add your api token in it to work. As such is it true that only I would be able to run it since it uses my API token? 

2 answers

2 accepted

1 vote
Answer accepted
Agraj Mangal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 14, 2023

Hi @Saira 

The rule is run dependent on the trigger configuration of the rule. So if its an event based trigger, it would run on Automation receiving that event. If it is a manual rule you can configure it so that only people in certain Jira groups can run that rule. 

But the rule would always run with your API token if you have configured it so (for your basic auth use case) 

If you do not want the token to be visible to other admins on the site, use the Hidden Headers feature https://community.atlassian.com/t5/Automation-articles/Automation-Hidden-headers/ba-p/2138236 

You can also restrict editing of the rule by going to Rule Details and restricting who can edit the rule. Other admins would only see this rule in a read-only mode in that case. 

Cheers
Agraj

0 votes
Answer accepted
Darryl Lee
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 14, 2023

Hi @Saira - no, anyone can run the Automation, but you need to understand that any actions it takes will look like they are performed by YOU.

It's good practice to create a Service Account (for example "Jira Automation") and use that to generate an API token to use, so that when users look at the history of a ticket, it is clear that changes to a ticket were carried out by Automation.

Darryl Lee
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 15, 2023

Oh @Agraj Mangal makes a good point that you can limit who can run a manual rule.

And also has some good points about securing your API token.

Like Rick Westbrock likes this

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events