OAUTH Impersonation issue with Application links

Kevin Deuel August 3, 2017

Hi All,

We recently upgraded our Atlassian applications (Jira, Confluence, Bitbucket and Crucible). We have Application links created between each application using OAuth Impersonation and everything appears to work good. 

The issue we face is that whenever navigating through the Application links, you are still required to login to each system individually?

Is there a confi or something we are missing? Any ideas?

Thanks!
-Kevin

1 answer

0 votes
Boris Berenberg - Atlas Authority
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 3, 2017

This is a feature, not a bug. This is exactly how oAuth is supposed to work. Impersenation means that the application can perform an action as the user in the remote application.

The logins you are mentioning should only be occuring once per application combo. So JIRA -> Confluence only once. Then Fisheye -> Confluence again. And JIRA -> Fisheye again. But if you go to any of those again, they should maintain the connection.


What you're looking for is called Trusted Applications and is a very poor security model. I believe that long term it will actually be completely removed from newer versions of the tools.

Suggest an answer

Log in or Sign up to answer