Alternatives to Service Accounts?

Hello Everyone,

Has anyone found any alternatives to service accounts that work for JIRA?

gMSA & sMSA seem to be out of the question, or not supported, unless I am mistaken.
I don't see any authentication protocols that don't require a User Account and an API token.
We do not have an internal app to handle requests "as application".

The trouble we run into is several fold:

We need to create a separate profile/email for 2FA for these accounts, leading to sharing and excess visibility.
Passwords expiring creates a risk of integrations breaking
License count expands as more and more service accounts

Any ideas on how we can handle this more securely & efficiently? TIA!

1 answer

0 votes

I haven't needed to use it yet myself, but Jira supports OAuth 2.0.

That page seems to contradict itself, though:

"You can revoke this access token at any time from your Jira user account, otherwise, all access tokens expire after seven days."

"This access token is specific to this gadget and as long as the token resides with the gadget, your gadget will have access to your Jira data."

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

CLOUD

PREMIUM

Product Admin