Adding comment to an issue

Hi,

I am trying adding a comment to an issue through rest api but author remains the one I am using in

–user email@example.com:<api_token>

I want to add it from logged in user. I tried using author parameter.

1 Like

If you’re using basic authentication, the request will only be executed on behalf of that user you’re passing in the request.

To make a call on behalf of a user (referred to as impersonation), you’ll need to use OAuth 2.0 bearer token. See: https://developer.atlassian.com/cloud/jira/service-desk/oauth-2-jwt-bearer-token-authorization-grant-type/

2 Likes

Thanks @nmansilla,

I’ll try what you have suggested.

Hi @nmansilla,

If we can raise an issue in behalf of an user then why we can not add a comment in behalf of user directly through API?

Is there any step-by-step guide which I can follow? Documentation looks like for experts not for beginners. What add-on admin needs to install? To just explain what I am really trying to achieve, I have a php web application where I want loggedin user to create request in service desk, comment on their created issues and a visibility of their created issues.

Thanks for help.

1 Like

Hi @jaya,

Are you connecting to JSD as a third party web application or as an app installed in the service desk?

If by app, which is an add-on that you install in your service desk, then you’d be interested in these REST Scopes which lists down which Scopes are needed per REST endpoint. If you don’t see the REST endpoint there, then it’s not available for an app to execute.

If as a third party web application, then you need to conduct an oauth dance for your web app and established a secured token for this. One of useful tutorial for me.

If by app installed in the service desk, its possible via this REST Call: Add comment and it’s one of the included REST scopes.

If by third party web app, you can try the OAuth dance and use a Request library framework available in PHP and do a POST. If that’s too complicated and you just want to try, you can use basic authentication (highly discouraged) to execute the REST Call: Add comment and will just need to add an Authorization header on behalf of the user (since you have the credentials of the logged in user).

Hope that helped.

Cheers,
Anne Calantog

Thank you for reply @acalantog,

My application is a separate php application where I created my own UI for application’s logged in user to create issues in service desk through REST API so they don’t need to login in service desk too to just check the issues they have created. I want users to login to my application and interact with service desk. I didn’t install anything in JIRA.

I am using this api to create a customer request (also creating customer if they doesn’t already exist) and using “raiseOnBehalfOf”. Basically I don’t want users to login to service desk but provide them ability to create issues/comments in my application.

I am not sure if this is the right way to achieve this.

1 Like

Hi @jaya,

That API is for creating customer requests only and not adding comment in an issue. I suggest that you use Add Comment and provide the issueId of your customer’s request, should be the same. If you don’t want to fully interact with the service desk via your application, you need to do the oauth dance with it, instead of ‘raising in behalf’ of a user because not all APIs have that functionality.

If that’s too complicated for you, you can always go back to using basic auth, add an Authorization header (this does not require any application links and oauth) but this is discouraged.

Cheers,
Anne Calantog