Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Confluence REST API token authentication

Jonathan F. Gingras
Jonathan F. Gingras July 19, 2017

I have an app that authenticates users using LDAP (Active Directory). We also use LDAP for Confluence authentication.

I'm using the REST API to integrate Confluence with our app and I'd like the API requests to be executed in the user's context. This would enforce that a user only does what he/she's allowed to do as well as make sure that new post created/updated with the API carry the user's "stamp".

It seems like the older API had a way of issuing request with token instead of basic auth (username/password) but I can't seem to find the correct way to do this now.

Is it at all possible? Would anyone have a suggestion for a different way to accomplish what I'm trying to?

One thing important to me is not to hold onto the user's password. I would pass is authentication credentials on login, directly to Confluence's API, without having to "save" it somehow to be used later on.

 

Thanks!

 

PS: Running Confluence 6.3.1

Answer
Watch
Like Deleted user likes this
5421 views

3 answers

4 votes
Roman Bubiakin _Wombats Corp_
Roman Bubiakin _Wombats Corp_ November 8, 2019

Hello @Jonathan F. Gingras 

My plugin API Tokens for Confluence generates tokens that could be used in integrations w/o exposing passwords. Also, it makes actions on behalf of the user (carry the user's "stamp").

Hope this is what are you looking for

Regards, Roman

Reply
0 votes
Jonathan F. Gingras
Jonathan F. Gingras February 13, 2018

Thank you Maksym, it points me in the right direction.

Reply
0 votes
Maksym Fedoryshyh
Maksym Fedoryshyh
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 12, 2018

Confluence REST API does not provide a way of obtaining user tokens. You can still use old xml-rpc api method calls for authentication and other actions you need.

Alternatively, in your application, you may try to login your users by sending user credentials to Confluence login page, and parsing response. You need to save "seraph.confluence" and "JSESSIONID" cookie values from response, and use them in you REST calls (just add them to cookies header of your requests). That may do the trick, but may not work in all cases.

Hope that helps.

View More Comments
JCP-DevTools
JCP-DevTools October 11, 2018

Hello Maksym,

     My confluence version is 5.0.3. Please suggest that our versions supports Rest APIs or not. what is seraph.confluence and jsessionid cokkie values? How to i get those values?How to use them in rest calls? Please explain in detail.

         

   

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events