Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Authentication for using Jira REST API

Ulrich Kamp
Ulrich Kamp September 21, 2022

Hi, 

I am using Insight for many years now and we use it as a general asset management for all our ITIL processes.

Now we will integrate Insight with some internal backend systems and the general import batch functions are not sufficient anymore. So I learned using the Insight REST API, which works fine so far. 

For authentication I recently use my username and password, but I would prefer to use an API-Token.

At the page https://insight-javadoc.riada.io/insight-javadoc-8.6/insight-rest/ authentication is not documented at all.

So I tried to use the global REST Jira documentation  at https://developer.atlassian.com/cloud/confluence/basic-auth-for-rest-apis/#simple-example. At least it works with my password, but not with the API token: I tried "curl -D- -u MY-USER:MY-PASSWD ...", which works fine, but with "curl -D- -u MY-USER:MY-API-TOKEN ..." I always got an 401 error.

Are there specific requirements for Insight? Or did I understand something wrong?

Thanks for any help.

Answer
Watch
Like Leon Rütten likes this
1231 views

3 answers

2 accepted

0 votes
Answer accepted
Ulrich Kamp
Ulrich Kamp September 22, 2022

Hi, after some more guessing and testing as well as some more reaerch I found the solution myself:

  • The Insight-linked documentation is wrong resp. only works for Jira Cloud.
  • Basic auth seems to differ between Jira Cloud and Jira Server. Good to know ...
  • The right link for Jira Server basic authentication is https://developer.atlassian.com/server/jira/platform/basic-authentication/#construct-the-authorization-header: You have to base64 encode username and password, not API token.
  • So, the API token at Jira Server seems to be useless (at least for basic auth) and you have to use your symmetrically encoded combination of username and password. Not the best idea ... But it works this way.

I will try your suggestion later @Tanishka Tandon, this could work for me.

Reply
0 votes
Answer accepted
Tanishka Tandon
Tanishka Tandon September 21, 2022

Hi  Ulrich, 

You can easily create API keys/tokens using the miniOrange REST API Authentication add-on for Jira and securely authenticate your Jira API requests. 

If you want to control who is calling the APIs, you could find an option to set a group-based restriction on APIs which would allow only certain groups in Jira to access the APIs. Similarly, you can also set an IP-based restriction on the APIs.

In the plugin’s audit logs, you would be able to monitor the API activity happening in your Jira instance. You can also export them in a CSV if you want to carry out analytics on them.

Find more about the addon here -Jira API Token/OAuth Authentication

Hope this answer helps you. 

Thanks.

View More Comments
Ulrich Kamp
Ulrich Kamp September 22, 2022

Thanks, not exactly what I expected, but I will try.

Like
Reply
0 votes
Robert Wen_ReleaseTEAM_
Robert Wen_ReleaseTEAM_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
September 21, 2022

Did you base64 encode your user:API token string?

View More Comments
Ulrich Kamp
Ulrich Kamp September 22, 2022

Yes, I did.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Product apps
Apps & Integrations
TAGS
AUG Leaders

Atlassian Community Events

    See all events