Get product advice from experts

Ask a question →

Join a community group

Find a group →

Advance your career with learning paths

Take a free class →

Earn badges and rewards

Connect and share ideas at events

See the calendar →

Community
Products
Jira Software
Questions
Creating user does not work for me

Creating user does not work for me

Hi,

I am using https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/

to authenticated, I have registered the app and then I am trying to create the user using the api.

I am following proper URL too.

https://api.atlassian.com/ex/jira/{cloudid}/{api}

I am getting this error.
{"errorMessages":["OAuth 2.0 is not enabled for method: POST /rest/api/2/user/"]}

I tried different solution but nothing worked for me.

1 answer

1 accepted

1 vote

Answer accepted

Hello @ankit

The error message is only telling what is true... that endpoint does not support OAuth 2.0, exactly as per that endpoint's documentation:

Create user
Experimental. POST /rest/api/2/user
Creates a user. This resource is retained for legacy compatibility. As soon as a more suitable alternative is available this resource will be deprecated.
If the user exists and has access to Jira, the operation returns a 201 status. If the user exists but does not have access to Jira, the operation returns a 400 status.
Permissions required: Administer Jira global permission
---> Connect apps cannot access this REST resource <---

Also, refer to the corresponding feature request JRACLOUD-43171

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

@David Bakkers Thank you very much for the support. Can you please guide me what's an alternative to Create Users/Terminate users?

We are using OAuth 2.0 to perform and action on users behalf and once we have access token we want to create/terminate users based on the request

If we can create atlassian account that should be sufficient I guess.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

There is no 'alternative'. Atlassian doesn't want you creating / deleting / editing users from within a Connect / Forge / other app using credentials based on any user's granted OAuth token.

Google 'jira oauth 2 delete users' to read where others have asked the same question, like this one, and gotten the same answer.

Google 'jira connect app delete users' to read all the articles, like this one, that discuss the topic.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like • ankit likes this

I agree 100% but there should be a way to escalate restriction.

Thanks David.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

When you say "there should be a way" what do you mean by 'a way'?

To me it sounds like you are saying "Yes, I know Atlassian is stopping my app from doing something that would break the platform's basic security principals, but there should be 'a way' my app can get special, escalated permissions to bypass all the security restrictions and do terrible things... just because I think it should."

Good luck with that Ankit.

Have fun, and I think I'll leave you to your musings now.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Hi David, No I did not mean that. It is easy to throw assumptions :)
I was wondering if there is a way to do this with proper permissions and if that does not break security.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

Suggest an answer

Log in or Sign up to answer

Was this helpful?

Thanks!

DEPLOYMENT TYPE

CLOUD

PRODUCT PLAN

FREE

PERMISSIONS LEVEL

Site Admin

TAGS

Community showcase