For a non-HipChat add-on, I need an auth token to communicate with HipChat via its v2 REST API. I want to have a specific scope for the auth token in order to be able to create rooms (i.e., scope "manage_rooms"). Is there a way to create such an auth token? Can I use the OAuth API for this? In HipChat's web admin interface, I was only able to create tokens with either notification or admin scopes, but none of the new scopes of the v2 API ('manage_rooms', 'admin_room', etc.).
Thanks for your answer. But that link only allows be to create a personal token. What I want is to create a token with one of the scopes provided with the V2 API (i.e., "manage_rooms") that can be used for my non-HipChat plug-in. Is there a way that I can request a token via OAuth with the HipChat REST API with a specific scope?
I would like to use a mechanism similar to the OAuth authentication with Atlassian's application links. A HipChat user with the necessary rights could grant my non-HipChat plug-in a token with "manage_rooms" scope.
Hi Michael, Could you describe the integration with HipChat that would like to implement? Maybe implementing it as a HipChat add-on is an option? I think the /users/authorize endpoint could help in your case (see https://www.hipchat.com/docs/apiv2/auth), but my understanding is that you would still need an add-on in this case. Regards, Patrick
Hi Pieter, Not yet, unfortunately. What I am looking for actually is a way to create tokens manually (via the HipChat admin web GUI) for the specific scopes the HipChat v2 API provides (e.g., for "manage_room" scope). Currently, I only see how this is possible when we would develop a HipChat add-on, but not that it would be possible to let the user create such a token by himself and enter it in our non-HipChat add-on's plug-in settings...
Thanks for your answer. What we would like to implement is a feature that involves creating a HipChat room for certain kind of discussions and to invite a list of people into this newly created room - all done from a non-HipChat add-on. This requires that we have a token with at least "manage_room" scope in order to create a new room and to get all users of a HipChat group (via /v2/user) to provide auto-completion in our add-on for the list of users to invite into the new room.
With API v1, we could just ask the customer to give us an admin token for our add-on which we would save in the add-on settings. But of course, this might be a show-stopper for our add-on because an admin token is a higher permission we actually would need (speaking in terms of the API v2 where the scope manage_room would be enough). But for API v1 we would even need an admin token to retrieve the users of a group (via users/list).
My idea was to redirect the user of our add-on to a HipChat URL where that user would be able to grant our add-on an auth token with manage_room scope via OAuth, similar to what is possible with Atlassian's application links.
Is that possible? Do you see another solution?
All good things come to an end - thanks to all our customers and partners who have been along the Hipchat and Stride journey with us. As of Feb 15th 2019, Hipchat Cloud and Stride have reached ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs