REST API auth error

BayWa IT Workplace Atlassian
February 6, 2020

Hi Community,

We're building simple Python scripts for JIRA using the REST API with Basic auth (this way is OK for us, no need for OAuth at the moment).

For building the correct codes we're using SOAP UI before we implement it in our scripts.

When we start execution, for example GET on https://jira.ourdomain.com/rest/api/2/applicationrole, we see an error 401 Unauthorized (401). After some tries we get an error 403 and CAPTCHA is active for this user.

So it seems that the data was correct and the username can be extracted from the base64-encoded string by JIRA (the base64 string is username:password).

In the past this way worked fine.

The same credentials (base64) work perfectly in Confluence with the REST API, so it seems to be a problem on the JIRA side. In the backend both systems use Crowd with the same user directory (LDAP).

We're using JIRA 8.6.1 with a reverse proxy and activated SSL.

Regards

Uli
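An added example, not part of the original post: a script-side check that verifies what the Basic header actually carries and stops at the first authentication failure instead of retrying until the CAPTCHA is triggered. It assumes the `X-Seraph-LoginReason` and `X-Authentication-Denied-Reason` response headers that Jira Server sends on failed logins; the sample responses and the `jira.example.com` URL are constructed.

```python
import base64

def basic_auth_header(username, password):
    """Build the Authorization value. Base64 is an encoding, not encryption."""
    raw = f"{username}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def decode_basic_auth(value):
    """Recover (username, password) as a server would, to verify what is sent."""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    decoded = base64.b64decode(token, validate=True).decode("utf-8")
    user, sep, password = decoded.partition(":")  # split on the first colon only
    if not sep:
        raise ValueError("missing ':' separator")
    return user, password

def classify(status, headers):
    """Map a Jira response to a verdict the calling script can act on."""
    h = {k.lower(): v for k, v in headers.items()}
    if "CAPTCHA_CHALLENGE" in h.get("x-authentication-denied-reason", ""):
        return "captcha"          # no API login succeeds until the CAPTCHA is cleared
    if status == 401:
        return "bad-credentials"  # retrying the same header only counts as more failures
    if status == 403:
        return "forbidden"
    return "ok" if status < 400 else "error"

def attempts_made(responses):
    """Walk responses as a script would, stopping at the first auth failure."""
    for count, (status, headers) in enumerate(responses, start=1):
        verdict = classify(status, headers)
        if verdict != "ok":
            return count, verdict
    return len(responses), "ok"

# Constructed responses modelled on the 401 -> 403 sequence described in the post.
SAMPLE = [
    (401, {"X-Seraph-LoginReason": "AUTHENTICATED_FAILED"}),
    (401, {"X-Seraph-LoginReason": "AUTHENTICATED_FAILED"}),
    (403, {"X-Seraph-LoginReason": "AUTHENTICATION_DENIED",
           "X-Authentication-Denied-Reason":
               "CAPTCHA_CHALLENGE; login-url=https://jira.example.com/login.jsp"}),
]

if __name__ == "__main__":
    print(attempts_made(SAMPLE))
```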

2 answers

1 accepted

1 vote
Answer accepted
Nic Brough -Adaptavist-
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
March 27, 2014

No, you need anonymous access or a login.

Alex Yasurek
Rising Star
March 27, 2014

So there is no workaround for this? Is there something in Jira that can be done, like only making some fields open to anonymous?

Nic Brough -Adaptavist-
Rising Star
March 27, 2014

No.

It's not easy to code for and vastly useless for most users. And you couldn't do it by "making fields open", you'd have to "make everything open anonymously" and then code to actively hide the rest. Which is a bad security approach as well because it makes it easy to inadvertently leak information.

Your best options remain "anonymous read" or "login"

Alex Yasurek
Rising Star
March 27, 2014

The problem is that we don't want to give anonymous read access to everything, and we can't have them log in since they are anonymous and we don't want to create users for everyone.

Do you know if it's possible to clone stories/tasks and give anonymous access to the cloned version? We would have two sets: one open to anonymous and one private. The private one will have more information but the cloned one will just have the fields we want anonymous to see. Then we can pull those cloned ones into Confluence. If this is possible though, we would need to figure out how to update the cloned ones when the original one changes.

Sorry if any of these ideas seem dumb but I don't know Jira very well, only Confluence.

Thanks

Nic Brough -Adaptavist-
Rising Star
March 27, 2014

Yes, duplicates could work - you'd need to move the copies to another project, then have "most projects are private" and "anonymous" access on the other one. As you suspect, there's the issue about keeping them in line with each other.

Another option might be some form of scripted replication - have another system that reads Jira for the data you need (with a login), then publishes it (in anonymous mode) so that Confluence can read it.

Alex Yasurek
Rising Star
March 27, 2014

Actually your second idea sounds better because then I won't have to worry about making sure the clone is always updated when the original changes. Having some script handle that would be much easier.

Thanks for your help. Now I just have to research how something like this is made.
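An added example, not code from anyone in this thread: the field-filtering step of the scripted replication discussed above, written as an allowlist and set beside the "open everything, then hide" approach the answer warns about. The issue JSON follows the shape of Jira's REST issue representation; the field lists, the issue and `customfield_10042` are constructed for illustration.

```python
PUBLIC_FIELDS = ("summary", "status", "fixVersions")  # hypothetical allowlist
HIDDEN_FIELDS = ("description", "assignee")           # hypothetical denylist

def _display(value):
    """Reduce nested Jira objects to their display name so ids and self URLs stay private."""
    if isinstance(value, dict):
        return value.get("name")
    if isinstance(value, list):
        return [_display(v) for v in value]
    return value

def publish_allowlist(issue, allowed=PUBLIC_FIELDS):
    """Default deny: only fields named in the allowlist reach the public copy."""
    fields = issue.get("fields", {})
    view = {"key": issue["key"]}
    for name in allowed:
        if name in fields:
            view[name] = _display(fields[name])
    return view

def publish_denylist(issue, hidden=HIDDEN_FIELDS):
    """Default allow: everything is published unless someone remembered to hide it."""
    view = {"key": issue["key"]}
    for name, value in issue.get("fields", {}).items():
        if name not in hidden:
            view[name] = _display(value)
    return view

# Constructed issue, as the replication script would read it with its own login.
ISSUE = {
    "key": "DEMO-7",
    "fields": {
        "summary": "Export fails on large projects",
        "status": {"name": "In Progress", "id": "3",
                   "self": "https://jira.example.com/rest/api/2/status/3"},
        "fixVersions": [{"name": "2.4"}],
        "description": "Internal repro steps",
        "assignee": {"name": "jdoe"},
        # Custom field added after the denylist was written.
        "customfield_10042": "Customer: Example GmbH",
    },
}

if __name__ == "__main__":
    print("allowlist:", publish_allowlist(ISSUE))
    print("denylist: ", publish_denylist(ISSUE))
```

The denylist copy publishes `customfield_10042` because nobody listed it; the allowlist copy cannot leak a field that was never named.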

0 votes
Radek Zima
March 31, 2014

Hello Gentlemen,

I have a similar issue. I'm trying to show Jira issues from a Jira project which can be accessed anonymously to logged-in Confluence users. Users have accounts in Confluence but not in Jira due to the lower number of licenses in Jira. We have trusted communication between Jira and Confluence enabled. The problem is that logged-in Confluence users can't see issues from the anonymous Jira project, because they don't also have an account in Jira. They just see the error message: "The jira server returned trusted apps error: PERMISSION DENIED". Do you know if I can somehow change the settings for the Confluence macro to check Jira anonymously?

Confluence version 5.3.4

Thank you in advance

Radek
