Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Does JIRA allows basic authentication setup as an Oauth with jira-python

How can i switch from basic authentication to Oauth using jira-python

1 answer

1 accepted

0 votes
Answer accepted

Hi Ashish

1. Following instructions here to perform OAuth dance and configuration in Jira application links, https://developer.atlassian.com/server/jira/platform/oauth/

2. Following instructions here to login through OAuth using jira-python, https://jira.readthedocs.io/en/latest/examples.html#oauth

Thanks Daniel . This should help me but is there something in python to perform Oauth dance and configuration , actually i was making some scripts to update jira-issues using jira-python so the problem is when we connect jira using basic-auth it ask password every time when i pass it to via getpass . so to avoid this i have three plans mentioned bellow to do could you suggest which will be applicable.

1. JIRA Oauth 

2.  user switcher ( connect with a default super user as admin and switch it to current user after connect to jira)

3. LDAP user authentification (Does jira allows as user's are inside jira??)

Hi Ashish

I use Jira python for similar purposes. To avoid entering password every time, I just hard coded the password in the script. Do you have any concern to do the same? Or your script is being used by different individuals so that they have to input their own user name and password?  I would recommend to use a general account for this purpose, and hard code the user name and password.

There are some implementations to perform Oauth using python, for example, https://pypi.org/project/jira-oauth/, I did not try it by myself. Actually, to perform Oauth dance, you don't have to use the same language as you do for actual authentication, it is just a one time short to get the token, after that, you can just use your python script to login using the token.

As for your 3 options

I don't quite understand #2 and #3

2. I think you have to re-authenticate if you want to switch user. Actually, even if you use OAuth, all the permission you have are limited to the user who performed the dance.  

3. What you referred to by saying "Does jira allows as user's are inside jira??" ?

Hi Daniel,

We can't hard coded the password because it will use by different individuals and they input their name and password . Currently we are using general account as an admin (SU_PM_AVS) but problem is all the update goes from that account name like SU_PM_AVS added a comment etc..here we want user account name instead of SU_PM_AVS

#2 we want something like connect by SU_PM_AVS  that allow to switch user for all the update by user account name without authentication 

#3 can we integrate jira with LDAP server 

And can you share what will be all limitations to the users who performed the dance??

Hi Ashish

As my understanding, you have a generic script that will be executed by multiple users to update Jira issues, and you want to keep track of the changes on Jira server by individual users instead of a generic account, at the same time, entering user name and password is something you want to avoid, is that true? If yes, it is a little bit controversial, I am curious why you have to identify individual user for a repeated, generic operation (implemented in the script).

Anyhow for your bulletins

#2 we want something like connect by SU_PM_AVS  that allow to switch user for all the update by user account name without authentication 

I don't think it is possible no matter you use simple login or Oauth.

#3 can we integrate jira with LDAP server 

Jira allows you to add your AD directory as user groups and grant permission to the group, but even with that, you still have to login either through web interface or api.

#4 And can you share what will be all limitations to the users who performed the dance??

In Jira, a client is authenticated as the user involved in the OAuth dance and is authorized to have read and write access as that user. The data that can be retrieved and changed by the client is controlled by the user's permissions in Jira.

If you login through Oauth, all the requests are made as the user who authorized the initial request token. 

In conclusion, I am thinking a workaround for your case. For each individual, save their user name and password in a pre-defined local path/file on the machine where they will run the script, assuming each individual will run the script from their own pc, All users need to use the same path/file name. And read the user name and password from that file in your script.  

   

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Jira Core

How to manage many similar workflows?

I have multiple projects that use variations of the same base workflow. The variations depend on the requirements of the project or issue type. The variations mostly come in the form of new statuses ...

3,998 views 11 5
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you