Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Access Jira Rest API with Okta authentication

Accello RPA
Accello RPA November 25, 2019

We have configured Jira serve with Okta and now need to access its rest api.please let me know the step to follow if we need to call below request  http://{host}/rest/api/2/project.

We have tried with Okta Access token as below and not working

curl -X GET -H "Authorization: Bearer token" http://{host}/rest/api/2/project

Answer
Watch
Like Be the first to like this
2626 views

2 answers

2 votes
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 10, 2019

Hey @Accello RPA !

On Jira Server, you'll be using a plugin to provide SAML capabilities for Okta. Different plugins provided on the Marketplace handle API calls in varying ways.

In the case of the SAML Single Sign On (SSO) Jira, SAML/SSO by resolution Reichert Network Solutions GmbH plugin you've evaluated, the plugin doesn't do anything special to prevent API calls using Basic Auth. They've got a great page in their documentation explaining how this works here.

I noticed in your curl example that you're trying to use a Bearer token however. The SSO plugin doesn't support API calls (so no Okta passthrough), and Jira Server doesn't support token authorization. That's probably what's tripping things up! I think you've got a few options forward:

  1. Use basic auth (with a username/password) - we've got comprehensive documentation showing how to do this in Jira Server. Do note that an account would need to be local to Jira (either from Jira's internal directory or from a directory where the password can be checked by Jira) for this to work. Using the SSO plugin by itself won't expose the Okta passwords to Jira, so it won't be able to verify the passwords for Okta users unless those passwords are also available from another directory.
  2. Set up OAuth instead - guide here: https://developer.atlassian.com/server/jira/platform/oauth/
  3. Marketplace app that allows you to generate app tokens for Jira Server: https://marketplace.atlassian.com/apps/1221182/api-tokens-for-jira?hosting=server&tab=overview - while I've not personally used this app, it looks along the lines of what you might be after and the reviews are quite positive

Cheers,
Daniel | Atlassian Support

View More Comments
Christian Reichert (resolution)
Christian Reichert (resolution)
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 10, 2019

Hi @Accello RPA 

If I may throw in our hat as well - we are the Developer of the SAML Plugin you tested/use. 

We just released a Jira API Token App for exactly the use case you are having: https://marketplace.atlassian.com/apps/1221586/api-token-authentication-for-jira?hosting=server&tab=overview

As both products come from us, they are well tested on their interoperability - so is the DC SAML for example.

Cheers,
Chris

Like Daniel Eads likes this
Reply
0 votes
Ankit
Ankit
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
December 10, 2019

Hi @Accello RPA ,

Jira server doesn't support API Authentication using access tokens of third party OAuth providers such as Okta.

I work with miniOrange and We have released a Jira REST API Access using OAuth app which supports this exact use case: https://marketplace.atlassian.com/apps/1221054/jira-rest-api-access-using-oauth-oidc

You can set it up within minutes and use Okta's access tokens to call the REST APIs. There is also an option to disable the basic authentication in favour of Okta authentication. If you need any assistance in setting this up, you can reach out to us at atlassiansupport@xecurify.com and we will schedule a screen sharing session to assist you with end to end setup.

Thanks,

Ankit 

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events