Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to generate OAuth 1.0 token for Postman?

Mindaugas Gelumbauskas
Mindaugas Gelumbauskas April 18, 2019

I wish to use OAuth 1.0 instead of basic auth for RestAPI/Postman. How can I get consumer key, consumer secret, access token, token secret?

Answer
Watch
Like Be the first to like this
6187 views

1 answer

1 vote
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 22, 2019

Hi,

Since you mentioned OAuth 1.0, I'm guessing you're using Jira Server.   For users that have Jira Cloud, I found that Sam Ogden's post on https://community.atlassian.com/t5/Jira-questions/Using-Jira-API-from-Postman-via-OAuth/qaq-p/704668 appears to have a method to make Postman work with Jira Cloud using OAuth 2.0.

For your use case here with OAuth 1.0, I think you're going to need to start by creating an application link as described in https://developer.atlassian.com/server/jira/platform/oauth/
This guide also has a number of other steps you would need to generate the token correct first, typically using the OAuthTutorialClient-1.0.jar from that tutorial.   I would recommend trying to complete that tutorial first.  If you can create a REST API call successfully via calling java in the command line and using that access token, then you should be able to take that info on to the next steps in using Postman.

In my searching I came across a similar post from stack overflow were Harshad appears to have found the settings needed to make this work.  Please see https://stackoverflow.com/questions/39574851/getting-a-jira-issue-via-oauth-authentication-using-postman for reference.  This person found that they could then just pass the access_token as a parameter in the URL directly.

I hope this helps.

Andy

View More Comments
anisah97
anisah97
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 2, 2020

Hi @Andy HeinzerI am working on REST API POSTMAN from JIRA with OAuth1.0 but I'm getting error 'signature method rejected'. I have an RSA-SHA1 type certificate. How to make the request in Postman for the Jira Server Platform?

Like
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 3, 2020

Hi @anisah97 

Reviewing this question form last year, I'm not sure it is possible to do this using OAuth 1.0a via Postman for Jira Server.  There is a guide for using OAuth 1.0a with Jira Server over in https://developer.atlassian.com/server/jira/platform/oauth/

However it has the expectation that this integration is done within a programming language such as Java, however it notes there are samples of how to get this to work with other languages:

Code samples

If you prefer to figure things out from the source code, feel free to check the output of this tutorial on Bitbucket (look for the java directory). Note, there are examples in that repository for other languages including Node.js, PHP, Python, Perl, and Ruby.

But I don't have sufficient knowledge of how Postman works, such as what language it is written in, or if it could somehow accommodate the handshake required to make this work like a program language could.   The guide we have for using OAuth 1.0a with Jira Server is expecting that you are creating your own program or plugin written in the language of your choosing.  Not exactly helpful for an existing program like Postman, where we are all unlikely to have control of the source code.

Perhaps you could use a different authentication method here.  Basic auth is one way to do this, but I understand that users are resistant to using their password in such a means to authenticate.  For Jira Cloud we have a native API token service to try to help fill this gap.  Jira Server doesn't have this natively.  There are a few different solutions though that provide these API tokens such as

Technically these are not as secure as OAuth, but they are considerably easier to setup and implement, and don't require you to use your password for making such REST API calls to Jira.

Regards,

Andy

Like
vineet_kumar
vineet.kumar July 13, 2021

Strangely the  repository officially mentioned in the JIRA docs does not work at all. I clonned the bitbucket repo and tried python code and it didn't work and same goes for node JS. Only working model is java code. It would be appreciated if someone told me why it is not working for python

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events