Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is it possible to get an authentication token through OAuth 2.0 using an app password?

argentum47
argentum47 January 5, 2022

I am trying to let users of my application post issues directly to a repository. To do this, I have set up an account for the application that also has access to the repository. Before creating an issue we need to get an authentication token as per this article. I am looking to use the OAuth2.0 Password grant type and the password I wish to use is my app password as opposed to my actual password. This is because with the app password I can manage the scope of access that the password has and if it were to get exposed it does not pose a major security risk. 

 

Is this at all possible or should I be going about this in another way altogether?  

Answer
Watch
Like Be the first to like this
422 views

2 answers

1 accepted

1 vote
Answer accepted
Caroline R
Caroline R
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 6, 2022

Hi, @argentum47

Thank you for reaching out to Atlassian Community!

When creating an OAuth, you shouldn’t inform your password or an app password, so I would like to clarify where you are using a password. In case you would like to read the process to create an OAuth, you can access the following link:

What you could do is use an App password to authenticate this request instead of an OAuth.

Please feel free to correct me in case I have misunderstood something here.

Kind regards,
Caroline

View More Comments
argentum47
argentum47 January 6, 2022

Hi, @Caroline R 

 

As per the link you sent, I'm using one of the four RFC-6749 grant flows, specifically the password grant type. I'm realizing now that If I'm to use the app password, I can't use it to get the OAuth token but I should be using basic authentication instead.

 

Thank you for the assistance!

Like
Reply
0 votes
Vishwas
Vishwas
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 6, 2022

Hi @argentum47 

I believe the purpose of creating Oauth2.0 token is to use this as password instead of actual password in other applications so that it reduces to login over and again.

 Regards,

Vishwas

View More Comments
argentum47
argentum47 January 6, 2022

Hi @Vishwas ,

 

I realize now that using the App Password and Basic authentication is what I need to do.  Using an Oauth2.0 token wouldn't work for my use case as it expires. 

 

Thank you for your insight!

Like Vishwas likes this
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security