Today we published a deprecation notice for the usage of passwords in basic authentication requests for the Jira Cloud REST API and the “cookie-based authentication” mechanism.
I strongly recommend you read the full deprecation notice. In summary:
- Basic authentication requests for Jira Cloud should use API tokens instead of Atlassian account passwords. This affects both API requests and non-API URIs.
- Cookie-based authentication will be removed in the future. Basic authentication with API tokens is the recommended replacement.
In accordance with the Atlassian REST API Policy, support for both will not be removed for at least six months. The deprecation notice has links to ACJIRA tickets that we will use to provide updates on these changes. That said, we recommend you adopt these changes as soon as possible.
Senior Product Manager, Jira Cloud