Is it possible to EASILY get each user's API token or have them retrieve it? For GH and Jenkins, it seems as simple as clicking a few links.
For context, I have Hubot set up on Hipchat and I have a lot of scripts with JIRA functionality. However, I want to authenticate each user when they use commands to access JIRA's API. For example, I do not want a user who is not in a JIRA project to be able to access it. Through basic authentication, this is not possible. It seems like Oauth does not allow this EASILY as the process to retrieve a JIRA API token is rather painful for a typical user.
Am I not understanding how Oauth works? Each user has to go through the entire instructions below right? https://developer.atlassian.com/jiradev/jira-apis/jira-rest-apis/jira-rest-api-tutorials/jira-rest-api-example-oauth-authentication
OAuth works by requesting multiple requests to the Service Provider in this case Jira.
Here is the flow of the 3 legged authentication.
It is important that you have a service that re-authentication in case the code is revoked or expired.
For more information please check the link below.
https://developer.atlassian.com/cloud/jira/platform/oauth-2-authorization-code-grants-3lo-for-apps/
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.