Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

OAuth head scratcher

Jason Jardina July 15, 2022

Hey guys, got an interesting question.

So, I configured an external app with jira using OAuth.  I followed the oauth procedures from Atlassian and everything works fine.  My external app can communicate with my Jira instance no problem.

The thing is, when my external app creates a comment in a Jira ticket, its done under my name! 

When I created the certificate for the OAuth, I did not specify an email address or my name.  In fact, I did the whole OAuth process, linked above, using an virtual machine that did not know anything about me.

Is it because when I went to the temporary authorize page (Step 3) in documentation, I was logged in as me?

Is there a place I can set the incoming oauth connection to be a different name, like a service name instead of mine?

Thanks in advance,
Jason

3 answers

1 accepted

Suggest an answer

Log in or Sign up to answer
3 votes
Answer accepted
Sam Nadarajan
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
July 15, 2022

Hello @Jason Jardina  and welcome to the Community!

Per the instructions you linked, 

This process is commonly known as theOAuth dance. Jira uses 3-legged OAuth (3LO), which means that the user is involved by authorizing access to their data on the resource (as opposed to 2-legged OAuth, where the user is not involved).

If you have an extra license to allocate to a generic user, or a generic licensed user account on your instance currently, you can follow the steps you just did but with that account. That would then result in the name of that account being associated with any actions that occur in Jira.

Hope this helps

Jason Jardina July 15, 2022

Good catch.  This is most likely the answer. 

I think this is an artifact of accepting the authorization under my own account.  I will go through the dance again and when I get to the step of accepting the authorization, I'll be sure to be logged in as a service agent instead of myself.  I was under the impression it would use the certificate values or more likely, the application name under application links where I defined the oauth connection.  I wouldn't mind if it just said OAuth or external application, but not my name on every comment organization wide.  I don't want to be that popular in my organization. :D

Like # people like this
1 vote
Erin Blomert July 15, 2022

I haven't worked exactly in this situation with OAuth, but I did run into something very similar with a different integration.

I had to generate an API Key, and that key was linked to my Jira user account - hence the integration using that key logged everything as me.

I solved the issue by using a service account to generate my keys going forward.

0 votes
Frederik Vindum July 19, 2022

We had the same issue with Bitbucket's workspace variables. Creating a service account user was the right choice.

TAGS
AUG Leaders

Atlassian Community Events