I am wondering is that possible to register(create) a webhook via REST API when the user-account (who send the request) doesn't have admin access?
In general, What if I ask permission for some scopes during login, user accepts it, but those permissions were not provided by his admin.
example: I asked for manage:jira-webhook, but user doesn't belong to site-admins access group.
Hi @Hosein Nourani ,
if you are logged in to Jira and you are using GUI, you can manage webhooks only if you are Jira administrator. I haven’t test this, but I expect the permissions will be the same for the REST API. So I don’t it is possible.
Thanks Hana.
So, is that true to say
for creating the webhook via my OAuth2 app, I need a user with admin access level to login?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, I believe so, @Hosein Nourani
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
hi @Hana Kučerová Sorry I want to ask a question related to webhook and the permissions required for creating / updating.
I was wondering how can I make sure the oauth(3lo) access token I got with sufficient permissions to register / update / delete webhook?
Based on the how to mentioned in the doc, I can create webhook through GUI or RESTAPI only if the access token granted by the user with Jira Administrators Global Permission.
Then I test creating webhook on GUI, it worked.
But when I make an API request to `mypermissions` to check my `GLOBAL` permissions, the response looks like I don't Administor permission.
Below is the response:
```
{
"permissions": {
"ADMINISTER": {
"id": "0",
"key": "ADMINISTER",
"name": "Administer Jira",
"type": "GLOBAL",
"havePermission": false
},
"SYSTEM_ADMIN": {
"id": "44",
"key": "SYSTEM_ADMIN",
"name": "Jira System Administrators",
"type": "GLOBAL",
"havePermission": false
}
}
}
```
So I was wondering which global permission is related to webhook creation/update/deletion ?
And how can I make sure I can create a webhook before I really make a API request.
Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.