Is there is a way to call jira api using Oauth1.0 with SHA256 hashing method. I already try using SHA1 and it's works. However, when I use SHA256 hashing method I got message [oauthproblem=token_rejected].
We need to use SHA256 because it looks like SHA1 is known to be vulnerable to collision attacks. Is it something need to be configured in JIRA to call the api using Oauth1.0 with SHA256 hashing algorithm?
Community moderators have prevented the ability to post new answers.
Hello Ahmad,
Jira server and DC support Oath with SHA1, as you stated. The cloud side products can support SHA256 for Oauth, but this will not be available to you since you’re running Datacenter.
With this said, security and encryption is always a must have and your idea to use SHA256 on the server products should be submitted as a feature request. If you would, could you please create a feature request at Create Feature Request? When you’re creating your issue, ensure you select suggestion (This means feature request). Once you have your request submitted, please paste the link to the issue here so others may find it.
Regards,
Stephen Sifers
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.