Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Automation for Jira - Send web request using Jira REST API

The goal of this article is to help to build out-of-box solutions with Automation for Jira (A4J) and Jira REST API. We will cover how to send a REST API through A4J. This will be useful to automate a REST API action. For instance, when an issue will be created, we can add a new field option into a field type e.g: "Select List (single choice)".

Rule example:


We would like to point out that using Jira REST API with A4J opens many opportunities to build great workarounds to resolve possible issues. :)

How to build this rule?

We will cover the trickiest part of this rule, which is the REST API configuration. Considering this, let's follow the steps below. We'll explain how to make this as we go:

1. We need to generate the API token associated with your Atlassian account within Jira. For this, we can follow this documentation: API tokens - Atlassian Documentation.

2. Then we need to encode the credentials "<EMAIL>:<API_TOKEN>with base64. We can make this through any online tool like Base64 encode.
Note: Make sure not to include a line break at the end. 

Apart from that, it's possible to Encode to base64 through terminal:

$ echo -n "<YOUR_TOKEN_HERE>" | base64

3. Into the rule action, we can use all Jira REST API available in Jira: (The Jira platform REST API).

E.g.: https://<jira_instance>/rest/api/3/customField/10287/option

Make sure to include the entire instance URL:

4. Add the Headers with Authorization Basic "<EMAIL>:<API_TOKEN>" encoded to base64.

E.g.: Authorization Basic HzxuhHbhzhdjasYTgdjGfrGHzxuhHbhzhdjasYTgdjGfrG


5. HTTP method: in this case, we'll send the web request by POST, however, it's possible to use other methods like GET, PUT, DELETE.

6. Webhook body: select Custom data to be able to send the JSON data.

7. Then, in "Custom data" we can add the JSON payload.

Example from Jira REST API:


Send web request example:


Note: Select the option “Delay execution of subsequent rule actions until we've received a response for this webhook" if you want to receive the answer into {{webhookResponse.status}}. With this log action below, the webhook response will be printed on the audit log.


Hope that this article helps everyone! :)


Sachin Rising Star Jul 28, 2020

This is a great addition @Cristiano ! I might have to play around with it to see how can I utilize this new feature.

Cristiano Atlassian Team Jul 29, 2020

Thank you @Sachin. Hope that helps you in the future. ;)

Great article @Cristiano !

Thanks for sharing this document with the community

Taranjeet Singh Community Leader Jul 31, 2020

Great article @Cristiano , thanks for sharing this useful Automation rule!

Cristiano Atlassian Team Aug 03, 2020

I'm glad @Taranjeet Singh that was helpful. :) Thanks for this feedback.

When response status is 404, apparently the rule cannot continue? I would like to continue with an if/else block and treat a response status of 200 in one way and 404 in another way but in my case, it appears the execution is completely blocked and I cannot go the 404 else route.

Added this question to the community as well: I try to send webhook for some interogation. How t... (

Hey, @Richard Vencu hope you doing well! 

Sorry for the delay.

Well, it seems that Simeon has replied to you via community "I'm afraid not. We have got an improvement tracking this (AUT-1622 - Ability to react when sending a webhook fails), which would add the option to allow the rule to continue on a non 2xx response."

That said, at this moment when we receive a code 4xx or 5xx the rule will stop, making it impossible to validate it via IF/ELSE. We also have this other feature request about this: AUT-1450 - If a send web request action fails rule should still continue to execute.

Have a nice day. :)



Hi, that's a great feature! we now need to send the attachment of the email, so we set the content-type to "application/octet-stream" but i'm not sure on how to send the attachment of the ticket in the request body, is it possible/supported?

Like Peter Loh likes this

UPDATED: The solution to the following 403 Access Denied errors is that we were sending to an external API using a disallowed port.  The only allowed ports to send outbound to are: 80 8080 443 8443 8444 7990 8090 8085 8060 (this was from a support request with Atlassian).

Our attempts to validate the action result in a 403 access denied with a response:

Server: squid
Mime-Version: 1.0
Date: Thu, 28 Jan 2021 21:33:57 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3117
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from
X-Cache-Lookup: NONE from
Via: 1.1 (squid)
Connection: keep-alive

and then in the html response body:

Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.


Like # people like this


I have been using your method to make a PUT on /rest/api/3/version/{id}, as jira automation does not allow to add a description on create version, but all I get is the following answer : 

Basic authentication with passwords is deprecated. For more information, see:

and still I'm using an api token and not a password.


Any idea on how to resolve this issue ?

Thank you !

Like # people like this

@Cristiano This works in theory. However, is there a way to have a proper Authorization field where the token is not visible?

Like # people like this

What if I wish to save the respone of this webrequest in one of the field of JIRA at the end of web request execution?

@Bindiya Vikram NaikYou can set it as a Variable then edit the custom field to equal that variable. I have also been able to drill down in the response and select certain elements from the response and use that specific element in a custom field.

Like Bindiya Vikram Naik likes this

@fsarzeaud you have to remove the "<" and ">"

Is there an answer to Fabio's question? Is it possible to use this automation to send a file attached to the request ticket to web request?

Like # people like this

Is there an answer to Fabio's question? Is it possible to use this automation to send a file attached to the request ticket to web request?

Like Brittany Dartlon likes this

No longer works due to Basic auth being deprecated. If anyone has the solution on how to update the authentication and still utilize REST APIs to JIRA via an automation rule that would be awesome!

Ignacio Pulgar Community Leader Mar 17, 2022

@David Proux , while Basic auth has been deprecated for including a user's account password, it still works with an API Token instead of the password.

Like David Proux likes this

@Ignacio Pulgar Would you happen to know how to configure the header in the webrequest to get API Token to work? With the basic it was Authentication : Basic <base64 email:password>. 

Ignacio Pulgar Community Leader Mar 17, 2022

@David Proux First, type in a notepad the string that should substitute <base64 email:password>:

With the email of the user account which you would like use, and the correspondent API Token.

Copy that string on a base 64 encoder tool online (ie: this one) or google "how to encode using the command line in <your operative system>" to encode it as required.

Finally, the string you would need to insert in the Automation Rule component would be:

Basic <the long string obtained after encoding it in base 64>

Please note that by putting that string in the Automation Rule component you might effectively making it potentially viewable by other users of your instance, like Project Admins if you set the rule in a project, or other Jira Admins for Global Rules.

Also, basic authentication is generally considered to be an unsafe authentication method, but I love this article, and there is no risk if, in example, you delete the token once you had finished the automatic task. In that case, you would need to a new token again whenever you need to use the rule again, and encode the string email:token string in base 64 again.

Hope it helps.

Like Chana likes this

@Ignacio Pulgar You're right that still works! Thank you! 

Like # people like this
Ignacio Pulgar Community Leader Mar 18, 2022

You're welcome! Happy to help! :)

[edit: Ignore everything below! I'm such a noob! Its working now that I created the API token in the right place! Just realised that I had been creating an Admin API key. Thanks again for the great article @Cristiano and the helpful comments above @Ignacio Pulgar I'll try to follow instructions more carefully next time!]

Thanks @Cristiano and @Ignacio Pulgar but basic authorization w/ an api token is not working for me. I feel like I'm missing something really obvious despite re-reading multiple times the above post/comments and the rest api docs re components. I'm also very new to JSM.

I've tried multiple encoders (including powershell) and variations on the string:



I even revoked my previous api token and created a new one. Every time I try to validate the rest api call in my JSM automation rule, I get a '401 Unauthorized' response saying 'basic auth w/ passwords is deprecated'

This is my Webhook URL:

In the first header field I have: Authorization

In the second header field I have tried:

Basic encoded-string

Basic <encoded-string>


Method = GET

Webhook body = Issue data

If I don't put Basic in the header I get a 404 Not Found.

I also asked a question here: Cannot get component using automation send web request 

Please help me if you can. Thanks.


Log in or Sign up to comment

Atlassian Community Events