Thank you Derek! Do you have any link or reference? It would be very useful to follow up the resolution!

I am facing the same issue and I am using the postman collection provided in the "developer guideline pages" (v2 and v3).

Is it possible to have the reference link of the raised bug? 

It will be very useful.

Thank you so much Derek! Do you know how can I inform Atlassian about this bug?

Hi @Derek Fields _RightStar_ ,

Could you please let me know,  how can I access JIRA Rest API by impersonating a user request. A request from user should go to a service. Service should use admin rights to access API and fetch the details. 

I don't understand the question. When you access a REST API, you need to authenticate, either through Basic authentication or by following the OAUTH flow, which requires a login sequence through a URL. The login credentials that you use will indicate the user that is making the REST call. 

On server, you could write a custom REST call that would allow a user to make the call and then execute the request as an admin-privileged user. You can't do that on Cloud.

Thanks for the reply @Derek Fields _RightStar_ . 

I read it somewhere that basic authentication is deprecated. Can I still use it. 

Please read my below to understand my scenario. 

User submits a request to create an issue in jira board. Since user doesn't have account in jira. I want to create a rest api which will receive the users request and then uses admin credentials and make a request to jira rest api to create an issue. This is what I am trying to achieve. 

However, I am facing problems here. I have admin account in jira. When I login in browser  I can see JSessionId. Now when I am passing my user name or email Id with password (which is my windows password) basic authencarion is failing. 

Could you please be do kind to help me. 

You can still use basic authentication. You need to pass a header that is

Authentication: Basic <base64 encoded token>

The encoded token is formed by taking the string <username>:<password> and base64 encoding it. 

You can do this in Powershell with following:

$Text = 'username:password'
$Bytes = [System.Text.Encoding]::Unicode.GetBytes($Text)
$EncodedText =[Convert]::ToBase64String($Bytes)
$EncodedText

This will show you the token. 

I hope that this helps.

Thanks for such quick reply.  I will try this.

One last question. My organization has hosted jira in cloud looks like. Url looks something like 

https://gojira.companyname.cloud/jira 

Will this still work, as you mentioned it wouldn't work in cloud? 

If not, cannot I use oauth and do some impersonation. If so how can that be achieved. 

Instead of using a password in the cloud, you need to generate an API token and use that as the password, following the same logic as above. You create an API token by going to your profile and looking under Security. 

I am not an expert in OAUTH implementation. It requires a web server on your end to provide the user with an authentication dialog. 

@Derek Fields _RightStar_ , sorry to say but the basic authentication is failing. Its giving 500 internal server error. Could you please help me.

I am helpless now. First of all, I am not seeing an option to generate API token in my JIRA board under profile. I even searched in google. Could you please tell me why I do not have option to generate API token. I am an admin.

What do you mean? 

Using:

https://{host}/rest/api/2/issue/{issue_key}/worklog?startedAfter=1575932400000

Instead of:

https://{host}/rest/api/2/issue/{issue_key}/worklog?startedAfter=1575932400

 ?

I'm still getting all the worklogs...

I'm having the same issue but I think the problem here is that we're using v2 of the API.

"startedAfter" seems to have only been introduced from v3..

Have you tried with v3? Does it work?

I didn't try with v3 @Lara Gonzalez Villanueva as it would be too much trouble asking my company to upgrade..

I ended up using the tempo API to achieve what I wanted but you must have the tempo plugin installed:

https://www.tempo.io/server-api-documentation/timesheets#operation/searchWorklogs

Hope this helps,

Carlos

Thank you!

milliseconds worked. Thanks!!!!

Hi Derek,

Thanks for your answer! I guess I'm using Cloud (anyway I'm not completely sure...). As I wrote on my comment I have already tried that option, without "jql=", but the response is the same, I get all the worklogs...