How can I access my own private extension api?

I’m trying to access a jira api I created using an extension but I can’t figure out how I can access it from a third party as it is listed as private. In my case I’m trying to access this api using Automation for Jira. How do I go about accessing a private api I created? Is there a way to for instance make it public? Or do I need to make a call using some sort of authentication?

1 Like

The url to call will depend on what you have set in the atlassian-plugin.xml file of your extension (in the rest part).

The url to call should look-like something like this


I should probably have been more clear in my original post. I am aware how I can make a call to a rest resource but I’ve been trying to make a call from basically a third party so I was wondering how I can authorize such a call. When I try to call this API it returns: XSRF check failed. I read about disabling XSRF for my entire Jira instance but this is not something I want to do.

So how can I authorize a specific rest resource to require no authentication or how do I send the required authorization so I can access the required rest resource.

Hi @jeffrey.peeters,


So how can I authorize a specific rest resource to require no authentication

have you tried annotating with AnonymousAllowed? The following worked for me. Is this what you’re looking for?

public class MyRestResource {

    @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
    public Response getMessage()
       return Response.ok(new MyRestResourceModel("Hello World")).build();


1 Like