Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,555,306
Community Members
 
Community Events
184
Community Groups

Jira Automation Rules, Send Web Request and APIs protected by OAuth 2.0

Edited
Deleted user Jan 03, 2021

Recently, I created an Automation Rule in Jira Software (Cloud) to make a REST Callout to a Salesforce API. Salesforce secures API calls with OAuth 2.0. As I could not find any articles regarding how to use OAuth with Jira Automation Rules, I am sharing what I worked out in the hope it will save others some time. Many APIs are secured by OAuth 2.0 so this information is broadly applicable.

OAuth 2.0 supports a bewildering number of options. Jira Automation Rules with Send web request only supports a few. I used the OAuth 2.0 Username-Password flow. Pros and cons are discussed in the linked article.

My objective was to make an outbound PUT /issue/{{issue.key}} to my Salesforce API whenever the value of a particular field changes on a Jira Issue (so Salesforce could update Jira Issues I had previously sync'd to it).

Steps:

  1. Add an Automation rule on Settings -> System in the AUTOMATION section at the bottom by clicking the Create Rule button.
  2. Select Field value changed in the list of Triggers.
  3. Choose from Select a field and pick Edit Issue from the For select list then click the Save button.
  4. Next, click New action.
  5. Scroll down to the Notification section and pick Send web request. The purpose of this first request is to submit required information in order to get an OAuth access token back from Salesforce.
  6. The URL for starting an OAuth 2.0 flow with my Salesforce Sandbox is https://test.salesforce.com/services/oauth2/token so I put that in the Webhook URL field. Had I been setting this up for Production, the URL would have been https://login.salesforce.com/services/oauth2/token.
  7. In Headers (optional), add a header Content-Type with a value of application/x-www-form-urlencoded. Note: this was required by Salesforce (even if you were able to use curl successfully without that header).
  8. Set HTTP method to POST.
  9. Set Webhook body to Custom data.
  10. Check Delay execution of subsequent rule actions...
  11. In the Custom data field, you add required information in a url-encoded form to get an access or session token. In my case (replacing capitalized items with actual values - Salesforce requires a token to be preceded by the password - these are separate values)...
  12. grant_type=password&client_id=CLIENT-ID&client_secret=CLIENT-SECRET&username=USERNAME&password=PASSWORDTOKEN
  13. Click the Save button.
  14. Under Add component, click New action.
  15. Under Notifications, click Send web request. This time, we'll make the call to the REST endpoint and provide the access token we received from the first step in the header of the second request.
  16. For my API, I entered https://mycompany.my.salesforce.com/services/apexrest/issue/{{issue.key}} in the Webhook URL field. Note the use of the Jira Issue key in the URL. This is specific to my API.
  17. Three Headers must be added:
    • Authorization with a value of Bearer {{webhookResponse.body.access_token}}. This is how you use a value from a previous Send web request. The access token (access_token) is the import value in the JSON it returned.
    • Accept with a value of application/json.
    • Content-Type with a value of application/json.
  18. For HTTP method, I selected PUT as required by my API in order to perform an update.
  19. Select Custom data from Webhook body select list.
  20. In the Custom data field, I entered the following (note the parameterized value containing the new value for my field):
  21. {
      "billingType": "{{fieldChange.toString}}"
    }
  22. Click the Save button.
  23. Enter the name of your automation on the right and click the Turn it on button.

Once turned on, this Automation rule fires whenever my field is changed, gets an OAuth 2.0 access token from Salesforce, then calls my APEX REST endpoint to update the appropriate record in Salesforce. The approach would not have been possible without the relatively new feature Wait for response for Send web request.

By the way, when you're on step 11, it helps to expand Validate your webhook configuration (at the bottom) and click the Validate link to ensure you are sending the right data required to get an access/session token.

Hopefully, this information will save you some time if you need Automation Rules to interact with OAuth 2.0-protected APIs.

Comment
Watch
Like # people like this
9173 views

6 comments

Sebastian Krzewiński
Sebastian Krzewiński
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
Jan 03, 2021 • edited

Great job @[deleted] !!!

wow.gif

Like
Deleted user Jan 03, 2021

Thanks!

Like
Reply
Yatish Madhav
Yatish Madhav Apr 30, 2021

Thanks for this @[deleted]  - this looks a real interesting path to take for extending automation.

Like
Reply
S_D
S_D Jul 27, 2021 
{
  "billingType": "{{fieldChange.toString}}"
}

Can you please explain what is fieldChange.toString? Is it a custom field?

 

The reason am asking is that I am trying to create an automation rule to call a webhook using custom payload. But looks like the variable interpolation of the custom fields is not happening. 

 

This is tracked here: https://jira.atlassian.com/browse/JSDSERVER-6970?error=login_required&error_description=Login+required&state=f185345d-1c4f-4f3a-bca6-c22539fdded3

 

In case you are aware of such scenario, please let me know.  

Like
Deleted user Jul 27, 2021

{{fieldChange.toString}} is a built-in smart parameter containing a string value for the field that was changed (per the field selected in Field value changed in your Automation Rule). In my case, it does refer to a custom field I added called Billing. I could have replaced fieldChange.toString with a reference to that custom field but I kept it generic for my purposes.

Like
S_D
S_D Jul 27, 2021

Thank you @[deleted] but I have been unsuccessful in getting the value from the custom fields. I tried all sorts but ins't working. 

 

Here is a sample of my payload.

 

{
"cluster": "${{request.customfiled_13710}}"
}

 

tried with 

{
"cluster": "${{request.cluster}}"
}

 

but nothing seems to work. 

Like
Deleted user Jul 29, 2021 • edited

For the value of cluster, I see a few issues:

  1. customfield has a typo
  2. The customfield property should be on issue
  3. This isn't a JavaScript formatted string so "$" is not needed

 

Here's an example of where I reference several custom fields. In some cases, I am specifying what to do if the value is null. Dropdown custom fields should be also use ".value". Certain built-in fields need ".name" (like issueType).

 

{
"billingType": "{{issue.customfield_10090.value|"None"}}",
"accountName":"{{issue.customfield_10086.value|"Acme, Inc."}}",
"subject":{{issue.summary.asJsonString}},
"issueType":"{{issue.issuetype.name|"Task"}}",
"opportunityUrl":"{{issue.customfield_10113}}"
}

 

Like
Kent Lee
Kent Lee Aug 11, 2021

Just wanted to say thank you as this was very clear and extremely helpful for my use case. 

Like
Reply
Matthew Crocco
Matthew Crocco Nov 03, 2021

@[deleted] Great post.

I have a similar workflow with ServiceNow. I was curious, in step 12 do you have the password in visible in plain text? I am trying to make an api call with credentials that cannot be found by a nosy admin, or somehow where I can restrict permissions to that particular automation rule.

Thanks!

Like
Reply
Daniel Saavedra
Daniel Saavedra Feb 24, 2022 • edited

@[deleted] Thank you for sharing as I was almost able to get it working. One question where I am stuck is how would you set up the callback URL? I noticed in your example, there wasn't any. Your help would be greatly appreciated.

Like
Reply
Lakshmij
Lakshmij Aug 26, 2022

My auth token response looks like this : 

auth.PNG

I'm using  authorization value as Bearer {{webResponse.Payload.access_token}} in header. But, I don't see value in webhook response, it looks empty like below : oauth.PNG

Like
DILEEP KUMAR
DILEEP KUMAR Jan 26, 2023

Hi @Lakshmij , It is same issue for me. 

I am using authorization value as Bearer {{webResponse.Payload.access_token}} in header but value in webhook response is empty. Please help if anyone able to resolve this. 

BearerTokenEmpty.jpg

Like
Reply

Comment

Log in or Sign up to comment
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

See all events