Authenticating with the Service Desk REST API as a customer (portal only) user

We use JIRA Cloud Service Desk to provide customer support for our product.

We also have a separate website that has product documentation. I would like to restrict access to the product documentation site to only the customers that exist in our Service Desk instance.

My thought was to use OAuth against JIRA and if an access token is returned, that means the user is valid in Service Desk and I can therefore let them see the product documentation.

The documentation website is an ASP.NET MVC app, and I’m using the DotNetAuth Nuget package along with the concepts shown here:

I’ve found that this approach works great for my own JIRA account which is an Atlassian ID. If I’m logged in to JIRA, I see that the request to takes me to a page asking me to Allow or Deny access. If I click Allow, I get an oauth_token back.

However, when I’m logged in to Service Desk as a customer (portal only) user, it doesn’t work. The request to gives me a 302 response that redirects to the Service Desk main page (/servicedesk/customer/portals) instead of showing the page to Allow or Deny access.

Is this a limitation of Portal Only users, or is there a way for such users to authenticate via OAuth?


Hi Brett! We are also struggling with the same issue. Were you able to find out more, and how did you decide at the end?

Does anyone have any more information on this? Is there any further configuration required for JIRA Cloud Service Desk customers to use OAuth, beyond that which works for regular Atlassian ID users?

Is the information on up to date?

Unfortunately I never found any additional information. I had to move on to other projects.