Hey guys, got an interesting question.
So, I configured an external app with jira using OAuth. I followed the oauth procedures from Atlassian and everything works fine. My external app can communicate with my Jira instance no problem.
The thing is, when my external app creates a comment in a Jira ticket, its done under my name!
When I created the certificate for the OAuth, I did not specify an email address or my name. In fact, I did the whole OAuth process, linked above, using an virtual machine that did not know anything about me.
Is it because when I went to the temporary authorize page (Step 3) in documentation, I was logged in as me?
Is there a place I can set the incoming oauth connection to be a different name, like a service name instead of mine?
Thanks in advance,
Jason
Hello @Jason Jardina and welcome to the Community!
Per the instructions you linked,
This process is commonly known as theOAuth dance. Jira uses 3-legged OAuth (3LO), which means that the user is involved by authorizing access to their data on the resource (as opposed to 2-legged OAuth, where the user is not involved).
If you have an extra license to allocate to a generic user, or a generic licensed user account on your instance currently, you can follow the steps you just did but with that account. That would then result in the name of that account being associated with any actions that occur in Jira.
Hope this helps
Good catch. This is most likely the answer.
I think this is an artifact of accepting the authorization under my own account. I will go through the dance again and when I get to the step of accepting the authorization, I'll be sure to be logged in as a service agent instead of myself. I was under the impression it would use the certificate values or more likely, the application name under application links where I defined the oauth connection. I wouldn't mind if it just said OAuth or external application, but not my name on every comment organization wide. I don't want to be that popular in my organization. :D
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I haven't worked exactly in this situation with OAuth, but I did run into something very similar with a different integration.
I had to generate an API Key, and that key was linked to my Jira user account - hence the integration using that key logged everything as me.
I solved the issue by using a service account to generate my keys going forward.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
We had the same issue with Bitbucket's workspace variables. Creating a service account user was the right choice.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Recommended Learning For You
Level up your skills with Atlassian learning
Learning Path
Jira Administrator
Configure Jira Software, Jira Core, or Jira Service Management, including global settings, permissions, and schemes.
Managing Jira Projects Cloud
Learn to create and configure company-managed projects in Jira Software and partner effectively with Jira Admins.
Learning Path
Become an effective Jira Software Project Admin
This learning path is designed for team leaders who configure Jira Software projects to match a team's processes.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.