Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to create ticket via POST request directly from Reactjs front-end?

Raffaele Messina
Raffaele Messina July 12, 2021

Hi everyone

i am developing a react application with a java backend; right now i need a way to integrate with Jira Software Cloud. I need to create tickets via REST API call directly from front-end.
When i try to make a POST request it shows me CORS policy error. I have searched the internet and found out that there is a way to whitelist domain, but this is possible only in Jira Server.
My question is: is there a way to avoid CORS block when making a POST request from React front-end to Jira Software Cloud? Can i avoid use of backend?

Answer
Watch
Like Be the first to like this
1678 views

1 answer

1 accepted

0 votes
Answer accepted
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 13, 2021

Ciao @Raffaele Messina ,

Welcome to the Atlassian Community!

As  you can read in the below thread in the developers community CORS are only supported when using Oauth2 in Jira Cloud:

https://community.developer.atlassian.com/t/cors-error-with-rest-api/27354/4

We actually do support CORS requests when using https://developer.atlassian.com/cloud/jira/platform/oauth-2-authorization-code-grants-3lo-for-apps/, as your requests will go through api.atlassian.com where token based authentication is the only thing we allow.

For further explanation: The problem why we don’t support CORS directly on your site host/domain is that we accept session based authentication on there, which would then allow any site to make random, authenticated requests to your site.

The alternative is to proxy your requests through your own backend

 

Therefore, you have 2 options:

  1. Use Oauth2 
  2. Use something like CORS anywhere to proxy the requests 

 

I hope this helps.

 

Finally, for the future, please notice that this is not the best place to get help on development  related questions. The right resources are listed in https://developer.atlassian.com/resources. 

Specifically:

 

 

Cheers,
Dario

View More Comments
Raffaele Messina
Raffaele Messina July 14, 2021

Hi, thank you very much for your tempestive response and for pointing me out the right forum where to post questions;

So basically if i implement the Oauth2 i can do post request directly from frontend

thanks

Like
Raffaele Messina
Raffaele Messina July 14, 2021

@Dario B 

i read the documentation about OAuth2 (3LO), and from what i've understood, the user must be prompted with a screen where he basically logs in; in my case i am in a Java backend, and i can't display user a new page where to authenticate.

is it possible to use OAuth2 3LO without the need of user interaction?

i don't know why but in the java client my POST always gets the error "please specify a valid project id or key", while the same POST request, sent via Postman gives me a success and create the tickets on my poject.
The payload is the same, and the Authentication method is Basic Auth (email:api_key 64encoded)

Like Dario B likes this
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 15, 2021

@Raffaele Messina ,

Your understanding is correct. Therefore, in your case, use a CORS proxy like the one already mentioned or you may also want to review:

 

As per the error with your java client, you can proceed as it follows:

  1. Create a mock endpoint using one of the many tools available online (e.g. https://beeceptor.com/https://requestbin.com/https://pipedream.com/requestbinhttps://requestbin.net/)
  2. Send the same POST request from Postman and from your java client to the endpoint created in previous step
  3. Check what has been received by the mock endpoint and look for differences in the header, body, etc

 

I hope this helps.

 

Cheers,
Dario

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events