How to automate consent step for oauth 2.0 Rest api call

Christoph Murauer
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 23, 2021

Hi there,

I'm struggling to get oauth 2.0 work for my application.
My external php app automatically creates an Jira-issue over the jira API, when a trigger has been set, which works fine with basic auth (POST my-application.atlassian.net/rest/api/3/issue). But to be secure I want to implement oAuth 2.0. 
I already got the access token, after manually call the URL from the developer console and clicking on the ALLOW button.

Now I do not know, how to automate the Step, when the user prompt appears? This should be a automized process, without user interaction. 

 

I followed already the official documentation for oauth-2-3lo-apps  and the official youtube tutorial, but at this step, I can't find an answer for me:

Bildschirmfoto 2021-03-23 um 16.13.54.png

Bildschirmfoto 2021-03-23 um 16.35.09.png

Did I miss something? Can someone help me out here?

 

Greetings, chris

1 answer

0 votes
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 25, 2021

Hello @Christoph Murauer ,

Welcome to the Atlassian Community!

I might not be the best person to answer questions on development related topics. However, from what I understand, that step cannot be automated since each user has to authorize the app to access their data on the Atlassian site.

This is explicitly mentioned the official documentation for oauth-2-3lo-apps :

To the user, the authorization process looks like this:

  1. The app directs the user to an Atlassian screen that prompts them to grant access to their data on the Atlassian site. The screen displays the access being requested in the Atlassian product.
  2. The user grants (or denies) access to their data on the Atlassian site, via the screen.
  3. The user is directed back to the external service. If the user granted access, the external service can now access data (within the specified scopes) from the Atlassian site on the user's behalf.

 

Automating that step would mean giving access to the users data without their consent. 

 

Finally, for the future, please notice that this is not the best place to get help on development  related questions. The right resources are listed in https://developer.atlassian.com/resources. 

Specifically:

 

 

Cheers,
Dario

MUSHEER ALAM
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
November 24, 2021
Like Dario B likes this
Thomas Carbureanu
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
October 30, 2024

How do we skip it if the user has already consented to your app once? Currently, it is on every single login attempt using the rest API. I tried changing the prompt field from "consent" to "none" and it still forces the user to consent on every login.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
TAGS
AUG Leaders

Atlassian Community Events