Create my own Trusted Application

I'm trying to create my own application and add it as Trusted Application in Jira via Application Link functionality.

When I use Generic Application type, then none is displayed under Incoming Authentication and Outgoing Authentication columns.

I've tried to set application type to Confluence and then Jira tries to access /admin/appTrustCertificate file, which of course is missing in my application.

Question 1:

How can I generate this appTrustCertificate file?

Question 2:

How to specify username (without knowing a password) in JIRA REST API request when trusted application incoming authentication is used.

4 answers

1 accepted

0 votes
Accepted answer

As the webhook is not going to execute on a browser session (am not sure how to correctly word this), I am thinking this might not work. For both trusted/oauth to function, it will be a remote server access initiated while you are in the context of an application open by an user.

In your case, these is a disconnect, as the webhook triggers your script which in turn is accessing JIRA.

I may be completely wrong, but this is what I think.

I've just checked. Smart commit plugin somehow is able to add jira issue comment on behalf of user, who made a commit.

But what about "Smart Commits" plugin, that for example adds a comment to an issue based on svn commit message?

Does it add a comment from user, who made a commit OR just user, which was used to create an application link?

I saw following code in "Smart Commits" FishEye plugin:

impersonationService.doAsUser(PluginMetadata.PLUGIN_ID, user.getUserName(), new Operation<Void, RuntimeException>()

Then I suppose it's possible by a plugin, but how api doing that just from REST API call without writing a plugin?

Yeah, you are right, you should be able to do it from your web app as well, but I am unable to guide you :(

I am guessing from within the atlassian app it goes via the App Links api which is not available when you are on your on web app - https://developer.atlassian.com/display/APPLINKS/Application+Links

Maybe I need to quickly update created records in Jira database after transition is performed to make them appear as created from another user.

Don't do that Dmitry, you will get into trouble with index going our of sync.

Can you get the screenshots of exactly what the problem is?

The bigger picture is:

  1. commit comes to FishEye
  2. FishEye goes to my script, that is specified as WebHook in FishEye
  3. my script should be able to connect to Jira REST API on behalf of user, who performed a commit
  4. my script then transitions issue based on commit message given by WebHook

Problem is with item #3, because I don't know how to connect to Jira REST API only knowing username, but not a password.

That's why I thought, that "Trused Application" term is right one to allow "my script" issue API calls on behalf of any user.

Dmitry,

Did you see this developer docs on making OAuth calls to JIRA? https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+OAuth+authentication

If you can configure in JIRA this and per user get a OAuth approval, you should be able to push that users changes back into JIRA. Am not sure about the life of the token though.

I'm new to OAuth, mostly used used classes that provided integration, but don't know how the technology works.

So does this work like this:

  1. every user (that can make commits) create a token on his side and give it to me
  2. webhook knows token of each user, who made a commit and uses it to perform REST call to Jira

am I correct?

I saw empty list of active OAuth tokens under Jira user profile, but I didn't see a button to generate one :(

Or do I need to creae a different application link to be used with each user, who made a commit?

Not really. When the user accesses the site, he will be prompted to authorize, (it's termed OAuth dance), the application receives a token which can be retained to perform actions on behalf of the user. That's the same concept for facebook login also - http://developers.facebook.com/docs/concepts/login/

May be you should try to read the tutorial a couple of times - https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+OAuth+authentication and try to use the client sample code in your web app.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 27, 2018 in Portfolio for Jira

Introducing a new planning experience in Portfolio for Jira (Server/DC)

In the past, Portfolio for Jira required a high degree of detail–foresight that was unrealistic for many businesses to   have–in   order to produce a reliable long-term roadmap. We're tur...

2,949 views 19 22
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you