OAUTH Impersonation issue with Application links

Hi All,

We recently upgraded our Atlassian applications (Jira, Confluence, Bitbucket and Crucible). We have Application links created between each application using OAuth Impersonation and everything appears to work good. 

The issue we face is that whenever navigating through the Application links, you are still required to login to each system individually?

Is there a confi or something we are missing? Any ideas?


1 answer

This is a feature, not a bug. This is exactly how oAuth is supposed to work. Impersenation means that the application can perform an action as the user in the remote application.

The logins you are mentioning should only be occuring once per application combo. So JIRA -> Confluence only once. Then Fisheye -> Confluence again. And JIRA -> Fisheye again. But if you go to any of those again, they should maintain the connection.

What you're looking for is called Trusted Applications and is a very poor security model. I believe that long term it will actually be completely removed from newer versions of the tools.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 27, 2018 in Portfolio for Jira

Introducing a new planning experience in Portfolio for Jira (Server/DC)

In the past, Portfolio for Jira required a high degree of detail–foresight that was unrealistic for many businesses to   have–in   order to produce a reliable long-term roadmap. We're tur...

2,725 views 17 21
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you