Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Inaccurate OAuth Guide


I have been using the OAuth guide provided here:

It states that in order to authenticate I have to generate a public-private key pair and make a configuration in Jira and send it in my request for temporary token.
This command is supposed to be generating this key pair: 

openssl genrsa -out jira_privatekey.pem 1024

This was correct a few months ago. However for quite some time now, the implementation has been changed apparently and this guide is outdated.
If using this same key now, Jira will return an exception like the following:

Signature length not correct: got 128 but was expecting 256.

Please fix this guide by replacing the command with the following one:
openssl genrsa -out jira_privatekey.pem 2048

This one generates public-private key pair of 2048bit. The rest of the implementation remains the same.

Also there have been some deprecated Libraries used in the code implementation of the Jira OAuth client.

Please fix them as well.


Best Regards,



Log in or Sign up to comment