Hello!
I am developing a Jira Cloud app that uses some information from Xray Cloud (among others).
I need to retrieve some Xray information like :
I understand I should use Client Id/Secret authentication and then GraphQL to access the XpandIt API.
My question is :
Can I use Jira authentication way and thus bypass Xray client id/secret authentication?
In fact, I'd like to avoid my app users having to :
- generate an Xray API key (client id/secret),
- fill in these two data in my app.
Thank you for your help !
(FYI I already developed such features for my Jira Server/DC app using the XrayRaven API and it works like a charm ;-) )
The architecture in Cloud uses one server for each application.
If you have Jira plus Xray, it means that you are working with two servers at the same time, one for Jira and another for Xray.
When executing Xray API requests, you directly access the Xray server, so you need to use the Xray authentication since it does not pass through the Jira server.
Kind regards,
Rogério Paiva [Xray Support Team]
Hi @Rogério Paiva - Xray Xporter
And thank you for this answer. I particularly appreciate your readiness.
I understand that there are two servers (Jira & XpandIt) and that you have to authenticate on the XpandIt server to consult data related to Xray tests (token generated from the ClientID/ClientSecret pair as indicated in your API docs).
But, if I am a Xray user, connected to Jira, I don't connect to the XpandIt server myself (I don't give any Xray connection information).
So the Xray app somehow creates an XpandIt ID token to be able to retrieve the Xray data.
So, as developer, I wanted to "imitate" the Xray app to be able to fetch this data without requiring the Jira user to create a ClientId/ClientSecret pair, and then provide it to my app.
Let's imagine that my app provides -- for a Jira issue A -- a unique, consolidated status, built from the last status of each test (passed, failed,...) associated with this issue A.
Is the only solution that I ask the user of my app for a ClientId/ClientSecret pair?
Is there no other way to retrieve Xray data without requiring an API key pair?
Thank you in advance for all your help!
Best regards!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You are most welcome.
Sorry, there is no alternative way to authenticate; it is necessary to use the API key pair.
https://docs.getxray.app/display/XRAYCLOUD/Authentication+-+REST+v2
Thank you.
Kind regards,
Rogério Paiva [Xray Support Team]
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Rogério Paiva - Xray Xporter
Thank you for your reply.
But a API authent request to XpandIt server from a Jira Cloud instance will be blocked by CORS policy.
Is there any way to request Xray information (tests from a test execution, status of a test) from a Jira cloud app ?
Thank you in advance,
Kind regards,
Christophe
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You are most welcome.
Sorry, there is no other way; all Apps in the Jira Cloud ecosystem need to follow this approach; the Apps need to reside in a different host. So there will always be the need to authenticate in the App server, besides the Jira.
Kind regards,
Rogério Paiva [Xray Support Team]
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.