We would like to create a web application that authenticates the users as our service desk users.

Use case:

All of our customers are already logged on to our service desk.

We would like for them to authenticate with their Atlassian account in order to access our application and confirm they have access to a specific project. (SSO)

"Connected apps" is not an option as we need to run the application outside of the Jira/service desk application.

"OAuth 2.0 authorization code grants (3LO) for apps" (which is currently in Beta) seems like might be useful.

Although it seems like non of the Permissions we can add in the app management for the "Jira platform REST API" answers my needs which is:

1. authentication.
2. verifying the user has access to a specific project.

 We've done some digging in the docs and the community and couldn’t find any relevant solutions.

 Does anyone have an idea how we could implement this?

Thanks