Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,556,455
Community Members
 
Community Events
184
Community Groups

Register Webhooks via REST with non-admin-access token

Hosein Nourani
Hosein Nourani Sep 10, 2022

I am wondering is that possible to register(create) a webhook via REST API when the user-account (who send the request) doesn't have admin access?

In general, What if I ask permission for some scopes during login, user accepts it, but those permissions were not provided by his admin.

example: I asked for manage:jira-webhook, but user doesn't belong to site-admins access group.

 

 

 

Answer
Watch
Like Be the first to like this
463 views

1 answer

1 vote
Hana Kučerová
Hana Kučerová
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
Sep 11, 2022

Hi @Hosein Nourani ,

if you are logged in to Jira and you are using GUI, you can manage webhooks only if you are Jira administrator. I haven’t test this, but I expect the permissions will be the same for the REST API. So I don’t it is possible.

View More Comments
Hosein Nourani
Hosein Nourani Sep 11, 2022

Thanks Hana.
So, is that true to say

for creating the webhook via my OAuth2 app, I need a user with admin access level to login?

Like
Hana Kučerová
Hana Kučerová
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
Sep 12, 2022

Yes, I believe so, @Hosein Nourani 

Like
Hosein Nourani
Hosein Nourani Sep 12, 2022

Thanks Hana. I’ll try it.

Like
Mike Chiu
Mike Chiu Oct 03, 2022 • edited

hi @Hana Kučerová Sorry I want to ask a question related to webhook and the permissions required for creating / updating.

I was wondering how can I make sure the oauth(3lo) access token I got with sufficient permissions to register / update / delete webhook?

Based on the how to mentioned in the doc, I can create webhook through GUI or RESTAPI only if the access token granted by the user with Jira Administrators Global Permission.

Then I test creating webhook on GUI, it worked. 

But when I make an API request to `mypermissions` to check my `GLOBAL` permissions, the response looks like I don't Administor permission.

 

Below is the response:

```

{
  "permissions": {
    "ADMINISTER": {
      "id": "0",
      "key": "ADMINISTER",
      "name": "Administer Jira",
      "type": "GLOBAL",
      "havePermission": false
    },
    "SYSTEM_ADMIN": {
      "id": "44",
      "key": "SYSTEM_ADMIN",
      "name": "Jira System Administrators",
      "type": "GLOBAL",
      "havePermission": false
    }

  }

}

```

 

So I was wondering which global permission is related to webhook creation/update/deletion ?

And how can I make sure I can create a webhook before I really make a API request.

Thanks!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Core
Jira Core Server
TAGS
AUG Leaders

Atlassian Community Events

See all events