Hi,
I'm creating a Bitbucket Pipeline with a custom task to get Jira issues data via REST API and basic auth, but from what I understand a user it's needed in order to create an API token.
Is there a way or special environment variable to use as Basic Auth in Bitbucket Pipeline instead of creating a fake user inside Jira? It would avoid creating a Jira user only for this special purpose: to create a basic auth which will be used inside the Bitbucket Pipeline. It's just a waste of user registrations.
Hello @Alexandru Popa ,
When using basic auth you still use it with an Atlassian account email address and an API token to pass the authentication, and the following document gives the details on how to do this:
However, as noted in the KB we recommend using oAuth 2.0 instead when building an app:
Basic authentication is not as secure as other methods. We recommend you use OAuth 2.0 authorization code grants (3LO) for any apps you create in the developer console that don't use Atlassian Connect. If you're using Connect, see Security for Connect apps.
So the oAuth method would also fit the scenario you described, of not having to create a dedicated user as an API account as it sets up a validated app token separate from a user account using add-on app permissions instead. i.e. apps don't use up a user seat.
I recommend checking out the mentioned OAuth 2.0 authorization code grants (3LO) document as a great getting started point.
Regards,
Earl
Oh ok, so the only way is OAuth 2.0. I was hoping for less overkill in doing it in bash script.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.