Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,552,200
Community Members
 
Community Events
184
Community Groups

Authentication for using Jira REST API

Hi, 

I am using Insight for many years now and we use it as a general asset management for all our ITIL processes.

Now we will integrate Insight with some internal backend systems and the general import batch functions are not sufficient anymore. So I learned using the Insight REST API, which works fine so far. 

For authentication I recently use my username and password, but I would prefer to use an API-Token.

At the page https://insight-javadoc.riada.io/insight-javadoc-8.6/insight-rest/ authentication is not documented at all.

So I tried to use the global REST Jira documentation  at https://developer.atlassian.com/cloud/confluence/basic-auth-for-rest-apis/#simple-example. At least it works with my password, but not with the API token: I tried "curl -D- -u MY-USER:MY-PASSWD ...", which works fine, but with "curl -D- -u MY-USER:MY-API-TOKEN ..." I always got an 401 error.

Are there specific requirements for Insight? Or did I understand something wrong?

Thanks for any help.

3 answers

2 accepted

0 votes
Answer accepted

Hi, after some more guessing and testing as well as some more reaerch I found the solution myself:

  • The Insight-linked documentation is wrong resp. only works for Jira Cloud.
  • Basic auth seems to differ between Jira Cloud and Jira Server. Good to know ...
  • The right link for Jira Server basic authentication is https://developer.atlassian.com/server/jira/platform/basic-authentication/#construct-the-authorization-header: You have to base64 encode username and password, not API token.
  • So, the API token at Jira Server seems to be useless (at least for basic auth) and you have to use your symmetrically encoded combination of username and password. Not the best idea ... But it works this way.

I will try your suggestion later @Tanishka Tandon, this could work for me.

Hi  Ulrich, 

You can easily create API keys/tokens using the miniOrange REST API Authentication add-on for Jira and securely authenticate your Jira API requests. 

If you want to control who is calling the APIs, you could find an option to set a group-based restriction on APIs which would allow only certain groups in Jira to access the APIs. Similarly, you can also set an IP-based restriction on the APIs.

In the plugin’s audit logs, you would be able to monitor the API activity happening in your Jira instance. You can also export them in a CSV if you want to carry out analytics on them.

Find more about the addon here -Jira API Token/OAuth Authentication

Hope this answer helps you. 

Thanks.

Thanks, not exactly what I expected, but I will try.

0 votes
Robert Wen_ReleaseTEAM_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Sep 21, 2022

Did you base64 encode your user:API token string?

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events