Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Scriptrunner REST endpoint authentication Edited

Hello, I am trying to create REST endpoint to query JIRA REST API in the same instance of JIRA and I have some issues with authorization. While I can use basic authorization, I need to use current logged user context and get rid of hardcoded credentials in endpoint source code.

Here is my script based on some examples on adaptivist site:

import org.apache.http.HttpRequestInterceptor;
import org.apache.http.HttpRequest;
import org.apache.http.protocol.HttpContext;
import groovy.json.JsonSlurper;
import groovy.json.JsonBuilder;
import groovy.transform.BaseScript
@BaseScript CustomEndpointDelegate delegate 

    httpMethod: "GET") { MultivaluedMap queryParams -> 
def JIRA_REST_URL = "https://jira-test"
def JIRA_API_URL = JIRA_REST_URL + "/rest/api/2/project"
def httpBuilder = new HTTPBuilder(JIRA_API_URL);
httpBuilder.client.addRequestInterceptor(new HttpRequestInterceptor() {
void process(HttpRequest httpRequest, HttpContext httpContext) {
httpRequest.addHeader('Authorization', 'Basic ' + 'user:pass'.bytes.encodeBase64().toString())
def rt = [:]
def projects = httpBuilder.request(Method.GET, ContentType.JSON) {
            uri.path = "/rest/api/2/project"
            response.failure = { resp, reader ->
                 log.warn("Failed to query JIRA API: " + reader.text)
    rt = [
        items: projects.collect { project ->
                   html : project.key,
                   label: project.key,

return Response.ok(new JsonBuilder(rt).toString()).build();

P.S. I am trying to get project list and issue type list and then use convertToSingleSelect() functionality, may be it is possible to do internally, without REST API calls.




1 answer

1 accepted

Hey Максим,

If I understand your request correctly, you would like a Custom REST Endpoint where only authenticated JIRA users can retrieve a list of project information.

I have written an example script that will achieve this using the ScriptRunner REST Endpoints. This example will give you a list of projects with their corresponding issue types.

import com.atlassian.jira.component.ComponentAccessor
import groovy.json.JsonBuilder
import groovy.transform.BaseScript

import javax.servlet.http.HttpServletRequest

@BaseScript CustomEndpointDelegate delegate

getProjects(httpMethod: "GET", groups: ["jira-users"]) { MultivaluedMap queryParams, String body, HttpServletRequest request ->
    // Get the projects
    def pm = ComponentAccessor.getProjectManager()
    def projects = pm.getProjects()

    def rt = [
        items: projects.collect { project ->
                value     :,
                html      : project.key,
                label     : project.key,
                issueTypes: project.getIssueTypes().collect { issueType ->
                        id  :,

    return Response.ok(new JsonBuilder(rt).toString()).build()

Enforcing Users

The way that this enforces users is that I have set the groups parameter to "jira-users" (line 12). This means that ONLY authenticated JIRA users who are in the jira-users group can access this resource.

You could also achieve this by getting the user and checking it yourself. An example of this approach is in the SR documentation. I would recommend the approach that I have demonstrated as it is more maintainable.

Getting a list of projects

As you suggested in your post, you can get the projects and issue type data without the need to make a call to another rest endpoint. The example I have given you demonstrates how to do this using the ProjectManager utility.

Hello, Stephen. Thank you for your answer. It was really like I had been trying to reinvent the wheel with my attempts to use JIRA REST. Your solution is exactly what I need.


P.S. I also have found solution for my auth problem : I've forwarded Cookie header from initial endpoint request to JIRA REST.

Hi Максим,

How did you forwarded the Cookie? I ran into the same problem as you - I want to use HTTPBuilder but as a currently logged in user but by default all requests are being sent as anonymous.



Like Bertrand Schmitt likes this

Hi @Stephen Cheesley _Adaptavist_

Thanks for the solution, but what if the new rest end-point is being called from behaviour or post-function within the same jira instance? how the authentication would be managed? As far as I could test, current user context authentication is not accessible and can not be cascaded to the rest end-point. Is my understanding the right one?

Thanks in advanced,

Hi @Stephen Cheesley _Adaptavist_ 
your suggestion worked like a charm for my rest point associated to a behaviour!

Great to hear @Alberto Carrani ! Happy Scripting :-)

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Marketplace Apps & Integrations

5 mobile apps for Jira Cloud to boost productivity

  It’s very important to have access to the workflow process from anywhere. Especially if you manage the work of others. There is no difference whether you’re out of office, or drive a ca...

225 views 2 5
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you