Is there a way to get a list of matching issues from a JQL query with a REST api call?

I'm probably dealing with multiple issues here.

I'm currently looking at a page with a url "https://ouritrackserver/issues/?filter=-1" and with a search field of "assignee = currentUser() AND resolution = Unresolved order by updated DESC".  This obviously isn't providing a jql parameter in the url. I tried constructing something like the following url "https://ouritrackserver/rest/api/latest/search/", but I have to url encode the "jql" parameter, so I built this command line:

curl -v --user "...:..." --data-urlencode "jql='assignee = currentUser() AND resolution = Unresolved order by updated DESC'" 'https://ouritrackserver/rest/api/latest/search/

This gave me an initial 200, but then later on in the debug log, a 415 (unsupported media type).

I'm not certain whether providing authN with "--user" will satisfy the "currentUser()" predicate, but that's probably not the issue I'm hitting. I'd also like to know if it's possible to generate a "user token" to use for authN instead of my network credentials, like other common services provide (bitbucket, sonarqube, et cetera). That's still a separate issue to this 415 problem.

@David Karr 

The page of Jira (BASE_URL/issues/?filter=-1) is a default filter page of Jira server. Here issues are fetched based filter.

Now to fetch result based on filter,

1. First fetch filter details,
   • https://docs.atlassian.com/software/jira/docs/api/REST/8.5.3/#api/2/filter-getFilter

   • curl --request GET \
       --url 'BASE_URL/rest/api/latest/filter/FILTER_ID' \
       --user 'USER_NAME:PASSWORD' \
       --header 'Accept: application/json' \
       --header 'Content-Type: application/json'

   • This will return you filter in JSON format, will contain a field 'searchUrl'
2. Calling URL given in searchUrl field will give you results of query you are looking for.

If you didn't like the way mentioned above, you can always use JQL search, for this you need to just encode JQL query and not the whole url.

1. So, if your JQL string is 'assignee = currentUser() AND resolution = Unresolved order by updated DESC'
2. Your curl request will be,

   • curl --request GET \
       --url 'BASE_URL/rest/api/latest/search?jql=assignee%20%3D%20currentUser()%20AND%20resolution%20%3D%20Unresolved%20order%20by%20updated%20DESC' \
       --user 'USER_NAME:PASSWORD' \
       --header 'Accept: application/json' \
       --header 'Content-Type: application/json'

   • This will give you results you are looking for.

Now coming to your question about `currentUser()` function in search, yes this will get populated with user who is accessing API, i.e. user passed in '--user' param in your curl request.

Another important point here is passing, 'Accept: application/json' and 'Content-Type: application/json' header in API request. Otherwise you might get error like 'Media type not supported'.

Looks good.  The last question that probably got lost at the end was about generating a "user token".  If I"m going to script these retrievals, I'd rather not hardcode my network credentials.  Several services (bitbucket and sonarqube, for instance) provide the ability to generate a "user token" associated with an account that is only used with the REST api. Leaking it has less risk than network credentials.  I don't see an obvious place to do this in Jira.

@David Karr  I'm sorry to say but there are no API tokens in Jira Server.

But you can use oAuth if you are building full fledged application. This is documented here - https://developer.atlassian.com/server/jira/platform/oauth/

Hello @David Karr and @DPKJ  - I have great news!  Our friends at resolution Reichert Network Solutions GmbH have solved this issue for us by introducing API Token Authentication for Jira supporting both server and data center deployments.

TBH, I have not used this product yet but if it's anywhere near the quality of their SSO add-ons, it'll be rock solid and highly performant.

Cheers,
~~Larry Brock

@LarryBrock  That is nice.

But token based solution like this - ( https://marketplace.atlassian.com/apps/1221182/api-tokens-for-jira?hosting=server&tab=overview ) are already available, if you want to test them.