I'm trying to audit some Jira Server internal directory users. As an administrator, is there a way for me to see whether a user has any keys or access tokens associated with their account. I don't want to disable a user that is being used for any integrations.
If I understand what you are looking for here, you want to be able to disable unused Jira accounts, but have a fear that some of these might have created an OAuth token that allows some other application link to behave as that user. Unfortunately, I have not been able to find a quick way that allows a Jira Admin to be able to locate all the user accounts that might have this kind of setup currently.
This is something that an individual account can see for itself, by going up to your user avatar -> Profile, on that page there is a Tools button with a link to "View OAuth Access Tokens". Each user can reach this at the URL of /plugins/servlet/oauth/users/access-tokens
One approach that might be helpful in your use case here is to use a plugin to Jira Server such as User Switcher for Jira. As a Jira admin the use of this plugin will allow you to temporarily assume the identity of another user account in Jira Server. Once that is done, you can view that URL of /plugins/servlet/oauth/users/access-tokens as that user to see if it has any existing access tokens.
I know this probably is not exactly what you are looking for here, but I thought I would share this approach as I think it can tell you about individual accounts in your Jira Server.
Please let me know if this helps.
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events