Creating issues from an external system: is there any way to handle third-party authentication?

Hi, I’m a data analyst pinch-hitting on customizing a Jira system for my office. I don’t usually deal with security measures at all, so I apologize if I’m asking seemingly dumb questions, but I just do not have the background to figure this out on my own from the documentation. I’ve tried!

We have an external system that automatically creates lists of items that need to be checked for QC. We are importing these lists into JIRA as issues, to manage assigning and tracking the work. Right now, someone has to manually import those issues from a CSV file each day.

We want the QC system to be able to send the issues straight to Jira, without the need for daily manual intervention. I’m trying to figure out if this is possible.

I expected to be able to do this via the REST API, but I’ve gotten hung up on the authentication. Sign in to all institutional resources is managed via a SSO system that verifies an identity card chip and PIN. So if I use a script to contact our server, I am redirected to this sign in page, just when I go to the website through a browser.

Based on what I’ve read in the last couple weeks, it looks to me like what I need to complete authentication this way is 3-legged OAuth 2.0, which I understand we can’t do in JIRA Server. Am I understanding this correctly? Is there no way to access our JIRA system via API because we use an SSO system? Or is there some way to do this that I have not understood?

I thought perhaps creating issues via email would be a way around this, but it seems the mail handlers can only create a sort of “quick and dirty” issue, with the default issue type and a description. We need to be able to specify the issue type and fill out several additional fields.

If there is some other approach that could work here, please suggest it to me! I just need help getting pointed in the right direction.

Thank you!

Hello again @AlexSticco,

Thanks for providing additional context about your auth problems.

By default, the authentication mechanisms for Jira Server’s UI and the REST API are distinct; hence, the SSO should not change REST API auth (but it might). The easiest thing to try would be Personal Access Tokens.

If a token doesn’t work, then your admin has done something “non-standard” (at least in terms of “out of the box” configuration) and we would need to know more to make an appropriate recommendation. Infrastructure like firewalls, proxies, and load balancers might be intentionally deployed as extra protection in front of Jira. Or, Jira Apps (some that provide SSO) may change the auth behavior of Jira. Any of those could prevent normal REST API access and OAuth 2.0 would not universally solve all of them.