It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Access Jira Rest API with Okta authentication

We have configured Jira serve with Okta and now need to access its rest api.please let me know the step to follow if we need to call below request  http://{host}/rest/api/2/project.

We have tried with Okta Access token as below and not working

curl -X GET -H "Authorization: Bearer token" http://{host}/rest/api/2/project

2 answers

2 votes

Hey @Accello RPA !

On Jira Server, you'll be using a plugin to provide SAML capabilities for Okta. Different plugins provided on the Marketplace handle API calls in varying ways.

In the case of the SAML Single Sign On (SSO) Jira, SAML/SSO by resolution Reichert Network Solutions GmbH plugin you've evaluated, the plugin doesn't do anything special to prevent API calls using Basic Auth. They've got a great page in their documentation explaining how this works here.

I noticed in your curl example that you're trying to use a Bearer token however. The SSO plugin doesn't support API calls (so no Okta passthrough), and Jira Server doesn't support token authorization. That's probably what's tripping things up! I think you've got a few options forward:

  1. Use basic auth (with a username/password) - we've got comprehensive documentation showing how to do this in Jira Server. Do note that an account would need to be local to Jira (either from Jira's internal directory or from a directory where the password can be checked by Jira) for this to work. Using the SSO plugin by itself won't expose the Okta passwords to Jira, so it won't be able to verify the passwords for Okta users unless those passwords are also available from another directory.
  2. Set up OAuth instead - guide here: https://developer.atlassian.com/server/jira/platform/oauth/
  3. Marketplace app that allows you to generate app tokens for Jira Server: https://marketplace.atlassian.com/apps/1221182/api-tokens-for-jira?hosting=server&tab=overview - while I've not personally used this app, it looks along the lines of what you might be after and the reviews are quite positive

Cheers,
Daniel | Atlassian Support

Hi @Accello RPA 

If I may throw in our hat as well - we are the Developer of the SAML Plugin you tested/use. 

We just released a Jira API Token App for exactly the use case you are having: https://marketplace.atlassian.com/apps/1221586/api-token-authentication-for-jira?hosting=server&tab=overview

As both products come from us, they are well tested on their interoperability - so is the DC SAML for example.

Cheers,
Chris

Like Daniel Eads likes this

Hi @Accello RPA ,

Jira server doesn't support API Authentication using access tokens of third party OAuth providers such as Okta.

I work with miniOrange and We have released a Jira REST API Access using OAuth app which supports this exact use case: https://marketplace.atlassian.com/apps/1221054/jira-rest-api-access-using-oauth-oidc

You can set it up within minutes and use Okta's access tokens to call the REST APIs. There is also an option to disable the basic authentication in favour of Okta authentication. If you need any assistance in setting this up, you can reach out to us at atlassiansupport@xecurify.com and we will schedule a screen sharing session to assist you with end to end setup.

Thanks,

Ankit 

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you