Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Getting e-mail addresses for Atlassian users

adam_aczel
adam.aczel August 13, 2024

Hey there,

I would be super glad if someone could point me to the right direction. Here is my issue.

 

Context: I'm working on a project that involves integrating our internal applications with Atlassian's user management system. The primary goal is to retrieve email addresses of users from Atlassian to link them with other applications in our organization. To achieve this, I've been following the Atlassian User Management API documentation.

What I've Done So Far:

  1. API Key and Setup:

    • I created an API key from admin.atlassian.com under my organization's settings.
    • I've ensured that I have the necessary Organization ID and API key, as per the documentation.
    • The API key is included in the Authorization header as a Bearer token.

  2. Request Attempt:

    • I'm using the /users/{account_id}/manage endpoint to check user management permissions and eventually retrieve email addresses.
    • However, when I send a GET request to this endpoint, I consistently receive a 403 Forbidden response.

Issue:

  • 403 Forbidden Error: Despite ensuring that the API key and Organization ID are correct, I’m still encountering a 403 Forbidden error. This suggests that there might be a permissions issue, but I'm unsure how to proceed. Error mentions that Caller must be a verified org admin. Does that mean there is a verification process to perform and a "simple" org admin does not suffice?

My Questions:

  1. Permissions: Are there additional permissions or scopes that need to be configured for the API key to allow access to user email addresses?
  2. Organization and API Roles: How can I verify that my API key and associated account have the appropriate roles to manage users and access their emails?
  3. Best Practices: Is there a recommended approach or best practice for securely and efficiently accessing user emails through the Atlassian API?

Additional Context:

  • My ultimate goal is to link Atlassian user emails with another application within our organization if there is a more straight forward way of doing this then please let me know.

Thank you for your assistance!

Answer
Watch
Like marc -Collabello--Phase Locked- likes this
509 views

1 answer

0 votes
Trudy Claspill
Trudy Claspill
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
August 13, 2024

Hello @adam_aczel 

Welcome to the Atlassian community.

Can you show us the actual code you are using? Use asterisks to replace sensitive data like the api token and account id.

View More Comments
adam_aczel
adam.aczel August 14, 2024

Hello @Trudy Claspill 

Thanks for the welcome and getting back to me :)

I have set up calls to two different endpoints so far, tasks are executed by an Airflow DAG FYI.

  1. Atlassian REST API v3 - Get all users link - status: works fine but e-mail is not returned
  2. User management REST API v1 - Get profile link - status: returns 403

If emails were returned via the first endpoint I wouldn't even need the second one. Below I post the code excerpts for the respective endpoints, excluding logs and post processing for brevity.

1. 

def get_all_jira_users(email, token):

    url = "https://towa-digital.atlassian.net/rest/api/3/users/search"

    auth = HTTPBasicAuth(email, token)

    headers = {

    "Accept": "application/json"

    }

    all_users = []

    start_at = 0

    per_page = 100

    while True:

        params = {"startAt": start_at, "maxResults": per_page}

        response = requests.get(url, headers=headers, auth=auth, params=params)

2.

def update_jira_users(account_id_list, token):

    base_url = "https://api.atlassian.com/users"

    headers = {

    "Authorization": f"Bearer {token}",

    "Accept": "application/json"    

    }

    user_data = []

    for account_id in account_id_list:

        url = f"{base_url}/{account_id}/manage/profile"

        response = requests.get(url, headers=headers)

        response.raise_for_status()

        user = response.json()

        user_data.append(user)

    return user_data

Thank you for your time!

Like
adam_aczel
adam.aczel September 2, 2024

Hey @Trudy Claspill 

After a short break I'm back to this project. Is there a chance you could guide me to someone I should talk to regarding getting the e-mail addresses for our users in our space?

Thank you in advance!
Adam

Like
Brijesh Panara
Brijesh Panara
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 21, 2024

Hi @adam_aczel I also has similar use case, were you able to solve this issue ?

Like
adam_aczel
adam.aczel October 21, 2024

No, we resorted to build a custom logic to match users based on first and last names. In the end it turned out that due to duplicate users in Jira we would have had to do an in-house logic anyways. Maybe creating a ticket with Atlassian support could be a way to go, but I did not bother. In case you do find out something please share with the rest of us :) 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events