Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Make requests to JIRA from external application (like create or update transition)

Harinath T
Harinath T December 27, 2017

I am able to create/update issue transitions with JIRA REST API using Basic Authentication and OAuth. Below are the issues which I am facing: 

Basic Authentication requires JIRA credentials to be sent by external application to make requests/transitions. This approach is not friendly because JIRA API requires username/password and some how external application should be able to pass these credentials.

2. And with OAuth, able to perform actions by using OAuth token, here token is specific to user registration. So here requirement is to know who is performing the action (transitions and updations) and it will be difficult to ask individual users to register their own tokens. Is there a way to identify each user even by sharing a single token, to precise this I will maintain the same user names in JIRA and in my external application database, by identifying the username actions should be registered on the user who sent request rather than the user generated the token. 

Otherwise is there way to create OAuth tokens whenever the external app makes a request to JIRA( like on demand). 

finally my expectation is "External application to make requests to JIRA" with logged-in users and actions should be logged on user who makes a request (like update on transition actions).

Thanks in advance.

 

 

 

 

 

 

 

 

 

 

 

Answer
Watch
Like Be the first to like this
1216 views

1 answer

0 votes
Alexey Matveev
Alexey Matveev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 27, 2017

Hello,

Let s move our discusstion here. As I mentioned earlier. You need to use SSO to connect to Jira. 

I personally used Kerberos. You log in to Windows once and then in your external appication you get authentication tickets from the key distributor system. Everything is hidden by the kerberos api which you will use. You do not need provide a username or password.

View More Comments
Harinath T
Harinath T December 27, 2017

Hi Alexey Matveev

I don't have any knowledge on kerberos, does it require any Active Directory? my external application built with j_security_check and doesn't have any active directory.

Can you please provide me the document references to implement Kerberos authentication on windows. 

Thank you

Like
Alexey Matveev
Alexey Matveev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 27, 2017

It requires Active Directory. You can read more here

https://discuss.pivotal.io/hc/en-us/articles/115008269167-How-to-setup-Kerberos-authentication-with-Windows-Active-Directory-in-HDB

I am not aware if Active Directory can be changed to something else.

Also you need to install an add-on on Jira. You were offered Kantega add-on. That is exactly what we used. If you call a rest service using the add-on there is an option in the add-on which you have to check if you want Kerberos authentication using REST API

Like
Harinath T
Harinath T December 27, 2017

Thanks a lot,
Is there any alternate solution for us without Active Directory help.

To make SSO does it require Active Directory?

Please don't mind I am very new to SSO implementation.

Like
Alexey Matveev
Alexey Matveev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 27, 2017

First you have to look at the plugins which are available for Jira. For example, I found this one

https://marketplace.atlassian.com/plugins/com.resolution.atlasplugins.samlsso.Jira/server/overview

This plugin supports 

  • Business class support for Microsoft ADFS, Azure AD, GSuite
  • Standards based compatiblity with Shibboleth, Onelogin, Ping, Okta, OpenAM, WSO2, NetIQ, Keycloak

Then choose the system you like from the list above. Install the system, install the trial version of the add-on and try to write an external app. 

Also think on how a user will authenticate in the system first. When using Kerberos a user authenticates on login (that is where the user provides the password). The problem is that the user at least once must authenticate with the system. I guess the best way is on logon to the pc. Try to find information if it is possible with the systems.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.