The Atlassian OAuth 2.0 authorization service that is currently available at auth.atlassian.io is moving to a different URL, oauth-2-authorization-server.services.atlassian.com . Atlassian is consolidating all of our public services under this naming scheme.
What is auth.atlassian.io used for?
The service endpoint is used by Connect apps for requesting access tokens, which are used for user impersonation (making API calls from your backend on behalf of a user). For example, if your app uses the atlassian-oauth2 JavaScript library to exchange a JWT token for a bearer/access token, it is calling this endpoint.
What changes do I need to make and by when?
You need to update all references of the legacy hostname auth.atlassian.io to the new hostname oauth-2-authorization-server.services.atlassian.com.
The new hostname is already in service, and you can transition your apps immediately. If you’re using the library atlassian-oauth2 in Node.js, ensure that you’re on version 0.4.2 or later. Likewise, if you’re using atlassian-connect-spring-boot in Java, check that you’re using version 2.0.4 or later.
The legacy hostname will remain functional until 1st January 2021. The deprecation period will not be extended.
Questions?
If you have questions or need some help, reply here or reach out on the Developer Community forums.