Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,363,785
Community Members
 
Community Events
168
Community Groups

Creating user does not work for me

Hi, 

I am using https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/

to authenticated, I have registered the app and then I am trying to create the user using the api.

I am following proper URL too.


I am getting this error.
{"errorMessages":["OAuth 2.0 is not enabled for method: POST /rest/api/2/user/"]}

 

I tried different solution but nothing worked for me.

1 answer

1 accepted

1 vote
Answer accepted

Hello @ankit 

The error message is only telling what is true... that endpoint does not support OAuth 2.0, exactly as per that endpoint's documentation:

Create user

Experimental. POST /rest/api/2/user

Creates a user. This resource is retained for legacy compatibility. As soon as a more suitable alternative is available this resource will be deprecated.

If the user exists and has access to Jira, the operation returns a 201 status. If the user exists but does not have access to Jira, the operation returns a 400 status.

Permissions required: Administer Jira global permission

---> Connect apps cannot access this REST resource <---

Also, refer to the corresponding feature request JRACLOUD-43171

@David Bakkers Thank you very much for the support. Can you please guide me what's an alternative to Create Users/Terminate users? 

We are using OAuth 2.0 to perform and action on users behalf and once we have access token we want to create/terminate users based on the request

If we can create atlassian account that should be sufficient I guess.

There is no 'alternative'. Atlassian doesn't want you creating / deleting / editing users from within a Connect / Forge / other app using credentials based on any user's granted OAuth token.

Google 'jira oauth 2 delete users' to read where others have asked the same question, like this one, and gotten the same answer.

Google 'jira connect app delete users' to read all the articles, like this one, that discuss the topic.

Like ankit likes this

I agree 100% but there should be a way to escalate restriction. 

Thanks David.

When you say "there should be a way" what do you mean by 'a way'?

To me it sounds like you are saying "Yes, I know Atlassian is stopping my app from doing something that would break the platform's basic security principals, but there should be 'a way' my app can get special, escalated permissions to bypass all the security restrictions and do terrible things... just because I think it should."

Good luck with that Ankit.

Have fun, and I think I'll leave you to your musings now.

Hi David, No I did not mean that. It is easy to throw assumptions :) 
I was wondering if there is a way to do this with proper permissions and if that does not break security. 

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Site Admin
TAGS

Atlassian Community Events