Connecting 3rd party software to Jira (reading & creating issues)

Jira Development Jira Cloud
1

Hi everyone,

we’ve been using Jira for years ourselves and now find us in the situation, that a customer requests to integrate jira into our software. Currently, the only need we have is to read and create issues in a given project. For example, in case we encounter some kind of issue in our software, we like to create a new issue in the connected jira project so the customers IT support can handle it.

The situation:

  • We have a web application
  • Issues can be created either as part of a user request or within a background job
  • The connection to jira should be configured once per customer and not use a per use authentication

My question now is, how to go about it and keep it future proof?

The basic authentication would be sufficient from all I can tell. But when creating a token I noticed the box above saying " API tokens without scopes are being deprecated". So I created a scoped token instead, only to find out later that apparently it doesn’t work with basic authentication (yet?). Using the (deprecated) unscoped API token everything works to our needs.

If it wasn’t for the deprecated API token the story would end here. But I’d like a future proof integration and not develop something, that may or may not work in the (near) future. So I explored the linked oauth method.

My problem is, given our context I can’t use the 3LO version of it, since there is no possibility to perform the normal oauth style authentication which includes callback URLs. I followed the api documentation and created an app in the developer console. I also found a workaround to get a token directly, skipping the callback uri, by using the following content for the auth.atlassian.com/oauth/token endpoint:

{
    grant_type = "client_credentials",
    client_id = _clientId,
    client_secret = _clientSecret,
    audience = "api.atlassian.com"
}

However, I’m stuck because the app doesn’t have access to my project. The api.atlassian.com/oauth/token/accessible-resources endpoint returns an empty list. All I can tell is that it seems I have to somehow install this app in my project?

How should I go about this problem and which way to access the api would be best for my case?

Thanks all!

2 Likes