Add app to developers console for many Jira instances (OAuth 2.0)

I want to connect my app to many instances of Jira cloud by oAuth 2.0
For example, I want to add connection to FIRST.atlassian.net, SECOND.atlassian.net, etc.
Each instance has different user, which has access to it.
Can I add one application in my developers console and use CLIENT_ID and CLIENT_SECRET to allow access to each instances?
Or for each instance I should ask client to add application in his developers console and give me CLIENT_ID and CLIENT_SECRET?

Hey @MaksymShtatskyi,

You can integrate one OAuth 2.0 app with multiple *.atlassian.net sites. You just have to consent the app to access each and every site - see https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/#1--direct-the-user-to-the-authorization-url-to-get-an-authorization-code for reference.


Cheers!
Pawel

1 Like

+1 to @PawelCegla’s comments. In addition, it might help to know that apps you create can only be used by you, until you distribute your 3LO app. From the specific notes in that section:

  • OAuth 2.0 (3LO) apps are installed on a per-user basis, so you’ll have to send the link to all the users you want to grant access to.
  • Enabling sharing doesn’t make your app available on the Atlassian Marketplace. Although OAuth 2.0 (3LO) apps can be listed on the Atlassian Marketplace, they will appear as informational listings only, with limited Marketplace features.
2 Likes

Thanks @ibuchanan for the additional info!

@ibuchanan @PawelCegla Thank you for answer!
I have two Jira users: User1 has access only to FIRST.atlassian.net and User2 has access only for SECOND.atlassian.net
Created app by developers console for USER1, copied Authorization URL, logout from Jira by USER1 and login by USER2. When I tried to use Authorization URL from USER1 app had error: “You don’t have access to this app”.
Questions:

  1. After I add app to Market place can USER2 use Authorization URL from USER1 app?
  2. Can I add to Market place test app?
  3. How I can add access to app from USER1 to USER2 by access link?
  4. If I will have USER3 with access to FIRST.atlassian.net he can use Authorization URL from app USER1 also only when he get access from USER1. Correct?

Best regards, Maksym

@MaksymShtatskyi,

To be clear, you do not need your App to Marketplace. You need to “enable sharing”. You should only list on Marketplace if you want to promote your App to the public. So reframing the questions:

After I enable sharing can USER2 use Authorization URL from USER1 app?

Yes. Adding the App to Marketplace is not necessary and not recommended for this.

Can I enable sharing for a test app?

Yes.

How I can add access to app from USER1 to USER2 by access link?

Once you enable sharing, anyone with the authorization URL can self-authorize. If you require additional access controls (like you only want to share with people in your company), then you need to implement that in your App. The OAuth flow only grants and guards access to Atlassian APIs.

If I will have USER3 with access to FIRST.atlassian.net he can use Authorization URL from app USER1 also only when he get access from USER1. Correct?

Yes. Once USER1 enables sharing, then anyone, including USER3, who has the authorization URL can grant access. At this point, USER1 will not have any control, unless that is implemented in the App.

@ibuchanan Thank you so much for detail answer!