Authentication for the Personal data reporting API (Oauth2 type)

weizhou · November 16, 2021, 5:14pm

Atlassian,

I am working on the Personal data reporting API, which is required for the Jira App that I created.

I created an OAuth 2.0 (3LO) jira APP. And added the “Personal data reporting API” in the permission portal of the developer console.
The guide for the personal data reporting API (https://developer.atlassian.com/cloud/jira/platform/user-privacy-developer-guide/) does not state which credential is required to call the Personal data reporting API (or report-accounts API). It just says “Authentication: OAuth 2.0 authorization code grants”.

Link: https://developer.atlassian.com/cloud/jira/platform/user-privacy-developer-guide/#report-accounts-for-oauth-2-0-authorization-code-grants--3lo--apps

I did not provide any credential in the header for the active testing accountId. The request failed with 401.

I wonder if this API needs the access token of this accountId in the request header.
But the guide says each request allows up to 90 accounts to be reported. If a request has a batch of 90 accountIds, what credential is required to authorize the request?

Thanks,

weizhou · November 16, 2021, 5:18pm

Another screenshot for the failed request with the active testing accountId:

https://developer.atlassian.com/cloud/jira/platform/user-privacy-developer-guide/#testing

weizhou · November 16, 2021, 5:54pm

When I provided an access token (but the access token is not associated with testing accountIds), the report-accounts request succeeded. I wonder if this a reasonable behavior.
See the successful request below:

nmansilla · November 17, 2021, 11:17pm

@weizhou from testing, it appears that any bearer token appears to work. That being said, I suggest that you use a bearer token from the user/account that owns the 3LO app (to reduce chance of auth token revocation).

I’ll engage some folks internally about getting the API docs updated with this suggestion. Thanks!

KamaleshMohapatra · July 10, 2023, 2:44pm

@nmansilla is there any update on this thread ? It would be great , if you found any reference and share it .

@weizhou have you resolved this issue ?