Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to i disable REST API calls on JIRA?

Rahul Aich [Nagra]
Rahul Aich [Nagra]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 4, 2014

I have someone run a script which makes calls to REAT API every few minutes and for some reason that script fails and throws errors in my logs.

How do i disable any calls made to REST API?

Rahul

Answer
Watch
Like Be the first to like this
5335 views

3 answers

1 accepted

1 vote
Answer accepted
BenjiI
BenjiI
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 4, 2014

Goto Administration > System > General Configuration. Then click the Edit settings button and turn Accept remote API calls off.

View More Comments
carrhuntc
carrhuntc July 8, 2016

Please update - there is no Accept remote API calls option in General Config Edit for the Server Edition

Like # people like this
Reply
1 vote
BenjiI
BenjiI
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 4, 2014

This similar thread might help: https://answers.atlassian.com/questions/177821/how-to-stop-jira-making-rest-api-calls

Reply
0 votes
Laurent PIANFETTI
Laurent PIANFETTI November 28, 2017

Hello.

In Jira 7.3.2, the settings "Accept remote API calls" is no more available ? Someone knows how to restore this feature ?

Thanks in advance.

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
November 28, 2017

It was removed late in 6.something if my memory serves.

This is because Jira now uses its own REST interface to fetch some of its own data.  Turning it off will stop a good chunk of Jira from working.

So, you can't disable it any more.

Like
Owen Blacker
Owen Blacker June 3, 2020

Presumably there's a way to require authentication on these APIs, though? I can see private information on publicly accessible API endpoints.

Like James likes this
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 3, 2020

All the REST calls require authentication.

If you're seeing "private" information, it is available becuase it has been made public

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 3, 2020

If you can see "private information" over the REST API, then you have configured your system such that it is NOT private.

The REST API respects the security you set up in the application.  If you want to secure your data, then disable access to it with your permission schemes.

Like
Owen Blacker
Owen Blacker June 4, 2020

Yes, this is precisely the case. But it would be very useful for there to be a setting to suppress all publicly-shared content, so that administrators could override settings to ensure all content were only available at a maximum to authenticated users within the instance.

That seems relatively easy to for user lists. But it is considerably more onerous to unshare boards and filters that have been inadvertently made public.

Like James likes this
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 8, 2020

But there's a load of publically shared information Jira needs in order to function now.  So you can't turn it off.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events