How to get consumer key for jira Oauth1

Hi Every one,


I want to get access token using JIRA oauth1, I have gone through the documentation but unable to get how i will get consumer key.

6 answers

Just to Clarify and clear all confusion here (
- For Consumer key and shared public key you can use Consumer key and public key as it is mentioned in link

Consumer key - "hardcoded-consumer"

Public Key/ Shared secret key


Or you could generate your public/private key using below method and update the client code accordingly

To generate a key pair execute:

openssl genrsa -out privkey.pem 2048

And execute:

openssl rsa -pubout -in privkey.pem -out pubkey.pem

To extract the public key. Both keys are in PEM format

create an Application Link 

Enter valid URL and click Continue even if there is no response on URL 

  • Select Application Type as Generic Application
  • Enter Consumer key as above - hardcoded-consumer
  • Enter Shared secret key as above
  • For other details like 
Hope this clear your doubt related to Consumer key and Shared secret key.


quesiton - what do you mean extract public key? and PEM format? and updating the client code? what do you update? I'm so sorry for all the quesitons. do you run this code in terminal? and do the pubic consumer keys and public shared secret work for private tools? are those two for the user to be entered everytime they login as their login or is it just for communication between the two websites to get the login where the user logs in with JIRA?


sorry and thanks



I'm confused here.

The example you can use the consumer-key "hardcoded-consumer" along with the provided Public Key/ Shared secret key.

You mention you can instead generate public/private key.


To elaborate:

-The consumer key is made up and the service provider and the consumer both need to know it.

The private key and consumer key is used by the consumer

The public/shared key and the consumer key is used by the service provider


So after a day of hacking at the provided java example I worked this out:


To come up with your own Consumer Key as well as using your own generated private and public keys, follow below.


------ Generate Keys ------

-Generate private key

openssl genrsa -out privkey.pem 2048


-Generate public key based off private key 

openssl rsa -pubout -in privkey.pem -out pubkey.pem


------ JIRA Admin/UI: ------


-Go to Jira Administration -> Applications -> Application links

(My test, as well as the provided java example is a server-side stand alone client app  i.e. doesnt respond to http/negotiate tokens so...)
-Ignore the fact that the thing attempts to connect to the link with which you create the app-link - it can be any url.

-Make up (and remember) any string value for a Consumer Key

-Copy the public key file content excluding the "-----BEGIN PUBLIC KEY-----" and "-----END PUBLIC KEY-----" as well as removing line breaks into the "Shared Secret" field.

(It might work leaving those in but I haven't bothered trying.)


-Set the Request Token URL, Access Token URL, and Authorize URL to the belowrespectively, substituting your Atlassian subdomain - provided you're using a hosted instance.




-Check "Create Incoming Link" and hit Continue

-On the next screen add the same Consmer Key you decided on above and copy the content of the public key you generated above as-is.

i.e. INCLUDING the "-----BEGIN PUBLIC KEY-----" , "-----END PUBLIC KEY-----", as well as the line breaks. and hit continue


------ Client Code Changes ------

Update provided example java client found at

-Update JIRAOAuthClient class CONSUMER_KEY constant (line 13) to the Consumer Key you decided on above.

-Update JIRAOAuthClient class CONSUMER_PRIVATE_KEY constant (line 14) to the private key. (I kept line breaks and BEGIN and END RSA PRIVATE KEY tags with hyphens etc.)


That code is a pretty good example of the dance.


The part that was confusing me was the disconnect between the private and public key.

The client holds on to the private key (generated) and the consumer key (made up).

JIRA requires the consumer key (made up) but also the public key (generated with the private key) and JIRA needs no knowlege of the private key itself, hence it's called private.

Also if I manually go through the dance and hold on to the token and deploy it with my client app, I've read in places that the token lives forever and in others that it lives for a week.

It looks like on my hosted Confluence instance that the token is valid for 5 years.

To do the dance with confluence instead of JIRA, configure the application link in confluence administration, use the same above Request Token URL, Access Token URL, and Authorize URL for the service provider, but all UI admin/config should be done on Confluence and not JIRA. i.e: https://<my-hosted-jira> add the confluence context (in my case 'wiki') when visiting the admin/settings pages.


Hey @Evan Kairuz 

I'm following your steps -- can you help me understand the requirement for request token/ access token/ authorize URL?

For example, if my site is
will my request-token be

Appreciate your help!

Hi Taha,


I have gone through the given url. I have below mentioned concerns.

  1. What is application url.
  2. When I set application url as my callback url it show error. below is the error screen shot.jira.png
  3. When I press continue button it shows me form which contains many fields like , so i am unable to get and what would be the and .


Please provide me information.



Your Url seems to be https, so you to import your ssl certificate first into Java keystore before configuring application link. Taha

Hello sir i am using http.

Sorry sir but in screen I can see entered URL as

Hi Namdev,

You can get Consumer key when you configure Application Link between Source and Destination Instance.


Consumer key and public key both are part of OAuth process. Since your requirement is to configure App link between JIRA and External Application you refer below link for more information on Configuring OAuth Consumer



Hello Taha,

I am unable to do below step since Oauth link is not present in my account. I am unable to login using sys admin. How I can get password of sysadmin? Is it for paid account?

  1. In the left-hand panel, under the title 'System', click the 'OAuth' link. The 'OAuth Administration' page will be displayed, showing a list of configured OAuth Consumers (if any exist).


Sorry, above URL Is for OLD JIRA version. OAuth Configuration comes under Application links itself. Original Document which I shared is the right one and all steps are mentioned there

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Feb 13, 2019 in Jira

Make your Atlassian Cloud products more secure: our NEW admin security guide

Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...

603 views 0 12
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you