Community
Products
Apps & Integrations
Questions
Authenticate call of Jira REST API in ScriptRunner based REST endpoint (Jira Server)

Authenticate call of Jira REST API in ScriptRunner based REST endpoint (Jira Server)

Hi,

I have a ScriptRunner script based REST endpoint that needs to call the REST API of another Jira plugin. Is there a way to authenticate this nested call? Is it automatically handled? I am using ScriptRunner for Jira server. It seems that ScriptRunner for Jira Cloud does this automatically using some sort of proxy functionality (at least that is how I read the docs).

Thanks

Tuelle

2 answers

0 votes

Okay let me expand on this:

Some APIs might let you connect with a token, or something of that like. For example, not long ago I worked on a built-in script to integrate with Trello for something personal. In this case we only needed to store an app-token and use it in our post request within the body of the param.

Thing is, many apps deal with auth in a very very different way, accommodating for all of them would be very time consuming, and we have not found a sensible solution to this whole "storing password and keys" problem. We assume that the ones writing and viewing scripts are admins, and they themselves have access to these tokens.

What I can suggest, is that you open a request for a feature in our customer portal so that you can actually get an official response from our development team.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

Hi Tuelle

I recently answered a question about this here:

https://community.atlassian.com/t5/Marketplace-Apps-questions/Make-a-GET-request-to-REST-API-and-Handle-JSON-in-behavior/qaq-p/603521

This is how you would make an authorised call to any rest API.

If you found this useful, please upvote and accept the answer :D

Cheers

Dyelamos

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi Dyelamos,

Thanks for your reply. Actually I was hoping that there is a smart way that avoids storing the username and a password in the script. The cloud version of ScriptRunner does this somehow by routing requests through some proxy which then adds necessary information to the header - I guess that is how it works. I am wondering why they did not add this feature to the server version.

Thanks for your hint!

Tuelle

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hello Tuelle.

Actually, you make a fair point.

If I understood correctly, the plugin is using the same user base as JIRA itself yes?

If so, please confirm, and I'll give it a think. Will try to find a way of doing this.

Cheers

Dyelamos

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Confirmed. We would like to query the Tempo Timesheets Rest API from ScriptRunner. The user accessing the Tempo API is always the same as the one calling the ScriptRunner script. Would be great if you would find a solution.

Perhaps it is possible to use an Oauth url like in gadgets for Jira?

Thanks a lot

Tuelle

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hello Daniel,

Were you ever able to find a way of doing this? I'm trying to do something similar. I would like to write a Jira workflow post-function Groovy script that needs to call a REST API provided by an add-on on the same Jira server, and would like to avoid hard-coding a username and password in my code. Thank you.

Paul

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi Paul.

The only "easy" way I found to do this, was by adding this information to a file, or issue that only a very limited userbase has access to. In all honesty, I'm a bit ashamed of even suggesting that, which is why I didn't reply in this thread to begin with.

I've asked my seniors and I hope they can provide a better answer.

Do ping me here again if I don't respond, the community doesn't do a very good job at sending me important emails when people reply to my threads and I end up with 200 notifications from threads that I haven't answered to.

Cheers!

Dyelamos

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi Daniel,

I just want to ask if you discussed this issue with your team and if there will be a solution soon.

Thanks for your support

Tuelle

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi Tuelle.

Afaik, no, there isn't.

Refer to my other answer within this thread I've kind of expanded this.

Sorry!

Dyelamos

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Authenticate call of Jira REST API in ScriptRunner based REST endpoint (Jira Server)

2 answers

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Authenticate call of Jira REST API in ScriptRunner based REST endpoint (Jira Server)

2 answers

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events

Welcome to the new Atlassian Community