Are you in the loop? Keep up with the latest by making sure you're subscribed to Community Announcements. Just click Watch and select Articles.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

OAuth head scratcher

Jason Jardina
Jason Jardina Jul 15, 2022

Hey guys, got an interesting question.

So, I configured an external app with jira using OAuth.  I followed the oauth procedures from Atlassian and everything works fine.  My external app can communicate with my Jira instance no problem.

The thing is, when my external app creates a comment in a Jira ticket, its done under my name! 

When I created the certificate for the OAuth, I did not specify an email address or my name.  In fact, I did the whole OAuth process, linked above, using an virtual machine that did not know anything about me.

Is it because when I went to the temporary authorize page (Step 3) in documentation, I was logged in as me?

Is there a place I can set the incoming oauth connection to be a different name, like a service name instead of mine?

Thanks in advance,
Jason

Answer
Watch
Like John Elder likes this
420 views

3 answers

1 accepted

Suggest an answer

Log in or Sign up to answer
3 votes
Answer accepted
Sam Nadarajan
Sam Nadarajan
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
Jul 15, 2022

Hello @Jason Jardina  and welcome to the Community!

Per the instructions you linked, 

This process is commonly known as theOAuth dance. Jira uses 3-legged OAuth (3LO), which means that the user is involved by authorizing access to their data on the resource (as opposed to 2-legged OAuth, where the user is not involved).

If you have an extra license to allocate to a generic user, or a generic licensed user account on your instance currently, you can follow the steps you just did but with that account. That would then result in the name of that account being associated with any actions that occur in Jira.

Hope this helps

View More Comments
Reply
Jason Jardina
Jason Jardina Jul 15, 2022

Good catch.  This is most likely the answer. 

I think this is an artifact of accepting the authorization under my own account.  I will go through the dance again and when I get to the step of accepting the authorization, I'll be sure to be logged in as a service agent instead of myself.  I was under the impression it would use the certificate values or more likely, the application name under application links where I defined the oauth connection.  I wouldn't mind if it just said OAuth or external application, but not my name on every comment organization wide.  I don't want to be that popular in my organization. :D

Like # people like this
1 vote
Erin Blomert
Erin Blomert Jul 15, 2022

I haven't worked exactly in this situation with OAuth, but I did run into something very similar with a different integration.

I had to generate an API Key, and that key was linked to my Jira user account - hence the integration using that key logged everything as me.

I solved the issue by using a service account to generate my keys going forward.

Reply
0 votes
Frederik Vindum
Frederik Vindum Jul 19, 2022

We had the same issue with Bitbucket's workspace variables. Creating a service account user was the right choice.

Reply

Recommended Learning For You

Level up your skills with Atlassian learning

Learning Path

Jira Administrator

Jira Software

Configure Jira Software, Jira Core, or Jira Service Management, including global settings, permissions, and schemes.

12.7h Advanced
Path

Managing Jira Projects Cloud

Jira Software

Learn to create and configure company-managed projects in Jira Software and partner effectively with Jira Admins.

4h Intermediate
On Demand

Managing Permissions in Jira Cloud

Jira Software

Sharpen your skills at configuring and troubleshooting permissions in Jira Cloud with this free course.

1h Advanced
Free
groups-icon
Jira Cloud Admins
TAGS
AUG Leaders

Atlassian Community Events

See all events