Authenticate call of Jira REST API in ScriptRunner based REST endpoint (Jira Server)

Tuelle November 20, 2017

Hi, 

I have a ScriptRunner script based REST endpoint that needs to call the REST API of another Jira plugin. Is there a way to authenticate this nested call? Is it automatically handled? I am using ScriptRunner for Jira server. It seems that ScriptRunner for Jira Cloud does this automatically using some sort of proxy functionality (at least that is how I read the docs).

Thanks

Tuelle  

2 answers

0 votes
Daniel Yelamos [Adaptavist]
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 30, 2018

Okay let me expand on this:

Some APIs might let you connect with a token, or something of that like. For example, not long ago I worked on a built-in script to integrate with Trello for something personal. In this case we only needed to store an app-token and use it in our post request within the body of the param. 

Thing is, many apps deal with auth in a very, very different way. Accommodating for all of them would be very time consuming, and we have not found a sensible solution to this whole "storing password and keys" problem. We assume that the ones writing and viewing scripts are admins, and they themselves have access to these tokens.

What I can suggest, is that you open a request for a feature in our customer portal so that you can actually get an official response from our development team.

0 votes
Daniel Yelamos [Adaptavist]
November 20, 2017

Hi Tuelle

I recently answered a question about this here:

https://community.atlassian.com/t5/Marketplace-Apps-questions/Make-a-GET-request-to-REST-API-and-Handle-JSON-in-behavior/qaq-p/603521

This is how you would make an authorised call to any REST API.

If you found this useful, please upvote and accept the answer :D

Cheers

Dyelamos

Tuelle November 21, 2017

Hi Dyelamos,

Thanks for your reply. Actually I was hoping that there is a smart way that avoids storing the username and a password in the script. The cloud version of ScriptRunner does this somehow by routing requests through some proxy which then adds necessary information to the header - I guess that is how it works. I am wondering why they did not add this feature to the server version.

Thanks for your hint!

Tuelle

Daniel Yelamos [Adaptavist]
November 21, 2017

Hello Tuelle.

Actually, you make a fair point.

If I understood correctly, the plugin is using the same user base as JIRA itself, yes?

If so, please confirm, and I'll give it a think. Will try to find a way of doing this.

Cheers

Dyelamos

Tuelle November 21, 2017

Confirmed. We would like to query the Tempo Timesheets Rest API from ScriptRunner. The user accessing the Tempo API is always the same as the one calling the ScriptRunner script. Would be great if you would find a solution.

Perhaps it is possible to use an OAuth URL like in gadgets for Jira?

Thanks a lot

Tuelle

Paul Wolf March 21, 2018

Hello Daniel,

Were you ever able to find a way of doing this?  I'm trying to do something similar.  I would like to write a Jira workflow post-function Groovy script that needs to call a REST API provided by an add-on on the same Jira server, and would like to avoid hard-coding a username and password in my code.  Thank you.

Paul

Daniel Yelamos [Adaptavist]
March 22, 2018

Hi Paul. 

The only "easy" way I found to do this was by adding this information to a file, or issue that only a very limited userbase has access to. In all honesty, I'm a bit ashamed of even suggesting that, which is why I didn't reply in this thread to begin with.

I've asked my seniors and I hope they can provide a better answer.

Do ping me here again if I don't respond, the community doesn't do a very good job at sending me important emails when people reply to my threads and I end up with 200 notifications from threads that I haven't answered to.

Cheers!

Dyelamos
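
The restricted-file approach from the reply above, as an added example that is not part of the thread and not Adaptavist's code. It assumes a POSIX host and HTTP Basic auth; `loadCredentials`, `callRest`, the `username`/`password` property keys and the example URL are hypothetical, and the credential values are constructed.

```groovy
import java.nio.file.Files
import java.nio.file.Path
import java.nio.file.attribute.PosixFilePermission
import java.nio.file.attribute.PosixFilePermissions

// Load username/password from a properties file, refusing files accessible beyond the owner.
Properties loadCredentials(Path file) {
    Set<PosixFilePermission> perms = Files.getPosixFilePermissions(file)   // POSIX hosts only
    def tooOpen = perms.findAll { !it.name().startsWith('OWNER_') }
    if (tooOpen) {
        throw new SecurityException("${file} is accessible beyond its owner: ${tooOpen}")
    }
    Properties props = new Properties()
    file.toFile().withInputStream { props.load(it) }
    ['username', 'password'].each { key ->
        if (!props.getProperty(key)) throw new IllegalStateException("missing '${key}' in ${file}")
    }
    return props
}

// Call a REST endpoint with Basic auth (an assumption); HTTPS only, because Basic auth is only base64-encoded.
String callRest(String url, Properties creds) {
    if (!url.startsWith('https://')) throw new IllegalArgumentException('refusing non-HTTPS URL')
    String pair = creds.getProperty('username') + ':' + creds.getProperty('password')
    HttpURLConnection conn = (HttpURLConnection) new URL(url).openConnection()
    conn.setRequestProperty('Authorization', 'Basic ' + Base64.getEncoder().encodeToString(pair.getBytes('UTF-8')))
    conn.setRequestProperty('Accept', 'application/json')
    conn.connectTimeout = 5000
    conn.readTimeout = 10000
    if (conn.responseCode != 200) throw new IOException("REST call failed: HTTP ${conn.responseCode}")
    return conn.inputStream.getText('UTF-8')
}

// Constructed demo: a temporary credentials file holding made-up values.
Path demo = Files.createTempFile('api-creds', '.properties')
demo.toFile().text = 'username=svc-reporting\npassword=constructed-example\n'
Files.setPosixFilePermissions(demo, PosixFilePermissions.fromString('rw-------'))
assert loadCredentials(demo).getProperty('username') == 'svc-reporting'

Files.setPosixFilePermissions(demo, PosixFilePermissions.fromString('rw-r--r--'))
try {
    loadCredentials(demo)
    assert false : 'a group/world-readable file should have been rejected'
} catch (SecurityException expected) {
    println "rejected: ${expected.message}"
}
Files.delete(demo)
// In a real script: callRest('https://jira.example.com/rest/...', loadCredentials(path))  // placeholder URL
```

The file keeps the secret out of the script body and out of anything that displays script source, but anyone who can run arbitrary scripts as the Jira process can still read it, which matches the admin assumption stated earlier in the thread.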

Tuelle April 28, 2018

Hi Daniel,

I just want to ask if you discussed this issue with your team and if there will be a solution soon. 

Thanks for your support

Tuelle

Daniel Yelamos [Adaptavist]
May 30, 2018

Hi Tuelle. 

Afaik, no, there isn't. 

Refer to my other answer within this thread; I've kind of expanded on this.

Sorry!

Dyelamos
