Hi,
I am using https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/
to authenticated, I have registered the app and then I am trying to create the user using the api.
I am following proper URL too.
I am getting this error.
{"errorMessages":["OAuth 2.0 is not enabled for method: POST /rest/api/2/user/"]}
I tried different solution but nothing worked for me.
Hello @ankit
The error message is only telling what is true... that endpoint does not support OAuth 2.0, exactly as per that endpoint's documentation:
Create user
Experimental. POST /rest/api/2/user
Creates a user. This resource is retained for legacy compatibility. As soon as a more suitable alternative is available this resource will be deprecated.
If the user exists and has access to Jira, the operation returns a 201 status. If the user exists but does not have access to Jira, the operation returns a 400 status.
Permissions required: Administer Jira global permission
---> Connect apps cannot access this REST resource <---
Also, refer to the corresponding feature request JRACLOUD-43171
@David Bakkers Thank you very much for the support. Can you please guide me what's an alternative to Create Users/Terminate users?
We are using OAuth 2.0 to perform and action on users behalf and once we have access token we want to create/terminate users based on the request
If we can create atlassian account that should be sufficient I guess.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
There is no 'alternative'. Atlassian doesn't want you creating / deleting / editing users from within a Connect / Forge / other app using credentials based on any user's granted OAuth token.
Google 'jira oauth 2 delete users' to read where others have asked the same question, like this one, and gotten the same answer.
Google 'jira connect app delete users' to read all the articles, like this one, that discuss the topic.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
When you say "there should be a way" what do you mean by 'a way'?
To me it sounds like you are saying "Yes, I know Atlassian is stopping my app from doing something that would break the platform's basic security principals, but there should be 'a way' my app can get special, escalated permissions to bypass all the security restrictions and do terrible things... just because I think it should."
Good luck with that Ankit.
Have fun, and I think I'll leave you to your musings now.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi David, No I did not mean that. It is easy to throw assumptions :)
I was wondering if there is a way to do this with proper permissions and if that does not break security.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.