I am having extreme difficulty understanding how to use both Personal and API Access tokens. I am trying to get an Integration working from ServiceNow to Jira.
My current understanding is that I MUST use an Access Token for this purpose, and I CANNOT use a regular Username and Password; although I may be incorrect in this understanding.
My basic issue is that after I generate the tokens, I cannot get them to work in the API. So I just want to VALIDATE the tokens.
CAN I SIMPLY LOG OUT OF JIRA AND THEN LOG BACK IN USING MY USERNAME AND A TOKEN RATHER THAN MY USERNAME AND A PASSWORD, TO VALIDATE THE TOKEN HAS BEEN GENERATED SUCCESSFULLY AND THAT IT WORKS?
Or is that an invalid way of validating the tokens? And if it's invalid, WHY is it invalid?
Hi @Geoffrey Bishop ,
The answer does depend on whether you are using Jira Server/Data Center or Jira Cloud. The tags on your question suggest Jira Server, but since you apparently could generate tokens and just for completeness I will try to address both flavours of Jira.
Jira Server / Jira Data Center
Out of the box, Jira Server does not use API tokens at all. To use the REST API, you can either use OAuth 1.0a or Basic Auth. Most integrations I've seen use Basic Auth, which would be your regular username and password. If you must use an API Token on Server, for compliance reasons say, there are a some apps available in the Marketplace, but they shouldn't be strictly needed.
To test your credentials on the API, the most basic route would be something like:
On Jira Cloud, things are a bit different. You cannot use your username and password, much rather you have to create an API Token; Atlassian has documentation on how to do that here and here is how you can use the token. Your username and password will not work for the API and the API token will not allow you to login into the web interface.
Once you obtained an API Token, you can test is with this route:
Your Jira cloud API Token has all the permissions you have, so keep that in mind when handing that token over to a third party. If you want to create restricted API Tokens that you can use with Jira Cloud, again there's the Marketplace. Personally, I like the API Token Manager for Jira app, but then again, I work for the vendor behind it. In any case, an app shouldn't be needed for basic use cases.
Finally, to determine whether your Jira is a Server or a Cloud instance, look at the URL that you use to access it. If it has something like XXXXX.atlassian.net in it, then you're on Cloud, if not you almost certainly are running on Server/ Data Center.
Hope that helps,