Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Grant access via API token

Flavia Helena
Flavia Helena
Contributor
September 5, 2025

Hello! How are you?

I need to provide a Jira API token to a user outside my organization so they can extract some data from the platform. This user is a client user of ours. I've already tried to add them to a group created to give them access, but without success.

What I need here is to create a username and password for them, generate a token, and send this token to them. It's important to remember that the user to be created has an email address external to my organization. Let me give you an example:

If my organization's email address is @orange, their email address is @Apple.

How do I do this in JSM?

Answer
Watch
Like Be the first to like this
2470 views

4 answers

1 accepted

1 vote
Answer accepted
Flavia Helena
Flavia Helena
Contributor
September 5, 2025

Hello @Trudy Claspill , @Marc - Devoteam @Matteo Vecchiato 

 

I read about the service account and believe this will give them the access they need, or am I wrong?

The service account will generate an email address and an API token so they can access the necessary data. Is this possible?

Before trying the service account, I gave the external user User (agent) permissions, but without access to my ticket board. I just need them to be able to extract data to generate a database with tickets related to their organization.

Best regards

View More Comments
Trudy Claspill
Trudy Claspill
Community Champion
September 5, 2025

I have not used a Service Account yet, but it does seem that this would match your needs.

With a Service Account they would be able to access the API but not the UI for your Jira app.

Do you want them to have access to more data than would be available through the Customer portal?

If you give the account only JSM Customer access, they will be limited in the data that they can extract.

If you give the account JSM User/Agent access, then they will have access to more data for the issues and to all the issues in the projects to which you give the account access. You would need to add constraints to limit their access to only the issues for a particular customer organization, if that is needed.

Like
Flavia Helena
Flavia Helena
Contributor
September 8, 2025

Hello!
The only thing I need them to have access to is to extract some ticket data from their organization. Everything else needs to be blocked from their access. They only want to extract some data to generate dashboards.

Like
Trudy Claspill
Trudy Claspill
Community Champion
September 8, 2025

I have not experimented with the Service Accounts so I can't speak with authority on their use or what is and is not accessible.

I would recommend that you do your own testing before making the service account information available to your client.

When you create a Service account you have to grant it access to the application, in your case JSM. You have to specify the level of access. For JSM you can grant User/Agent access, or Customer Access. If you grant Customer access, the service account will be restricted to the data and API endpoints that could be used by a person granted Customer access. If the client needs access to data that is not available through the Customer Portal, then the service account would need User/Agent access.

I think, but have not confirmed, that you also need to add the service account to the specific project that you want to allow it to access, just like you would do for a person. I don't see this explicitly mentioned in the documentation, but the implication is that a service account can have access restricted to specific projects, and I don't see any other way to do that.

So, if you give the service account User/Agent access to JSM and add it to the JSM project, it will be able to see all issues in that project, not just the ones for a particular Organization.

If you give the service account only Customer access to JSM and add it to the JSM project and the Organization of the client, then theoretically it should be able to see only the issues shared with that Organization. If the issues aren't shared with the Organization, then it would not be able to see them.

 

This is all theoretical for me. I have not actually tried to do any of this.

Like
Flavia Helena
Flavia Helena
Contributor
September 9, 2025

Thanks!!

Like
Reply
1 vote
Trudy Claspill
Trudy Claspill
Community Champion
September 5, 2025

Hello @Flavia Helena 

What type of access have you granted to the user?

- Customer access

- JSM agent access

- Jira user access (if yo have Jira as well as JSM)

- App Administrator access

As mentioned by @Matteo Vecchiato an API token is created from a user's Personal Settings options. It is currently not possible for a token to be created on behalf of another user. You would have to login to Atlassian Cloud with that user's credentials and create the API token while logged in as them.

Note also that you can't use the "Login as User" option for a user that has never logged in, and you cannot access the Personal Settings for a user when using the "Login as User" option.

Reply
1 vote
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 5, 2025

Hi @Flavia Helena 

If this external user wants to use the API, then you need to provide them with an account and grant them a JSM license.

An external user who is a customer (non-licensed user) can't access data, even if you created an API token for them.

NOTE this user could login to Jira as well and see any issue on the JSM projects as an agent.

Do you want to open up your instance to this user.

View More Comments
Flavia Helena
Flavia Helena
Contributor
September 5, 2025

No. The only thing I need to allow is for it to extract the data it needs.

Like
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 9, 2025

Hi @Flavia Helena 

Still access to JSM is required as an agent.

So yes you could even user a service account for this, but an agent license needs to be granted.

Just a user with just customer access can't see any information via the API.

Like Flavia Helena likes this
Reply
0 votes
Matteo Vecchiato
Matteo Vecchiato
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 5, 2025

Hi @Flavia Helena

The API tokens are generated from the user personal settings, please have look to this article https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/ 

Also note that Atlassian has recently released the option to create service accounts that allows to generate tokens for integrations.

Hope it helps 

Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security