How to create a webhook with REST API?

SeikyoCho · April 25, 2024, 10:22am

When I run this to create a webhook:

https://developer.atlassian.com/cloud/jira/platform/webhooks/#using-the-rest-api--registration

curl --request POST \
  --url 'https://my-domain.atlassian.net/rest/api/2/webhook' \
  --user 'my-email@my-company.com:[MY_API_TOKEN]' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{
  "url": "https://your-app.example.com/webhook-received",
  "webhooks": [
    {
      "events": [
        "jira:issue_created",
        "jira:issue_updated",
        "jira:issue_deleted"
      ]
    }
  ]
}'

I got this error:

{"errorMessages":["Only apps can access this resource."],"errors":{}}

Why?

Another question, if create a webhook from web page:

https://my-domain.atlassian.net/plugins/servlet/webhooks

I can set a secret there.
How to set a secret when use REST API?
Or does it generate secret after response? If curl can’t get it, is it possible to get from http header via web redirect?

sunnyape · April 25, 2024, 11:33am

Because only Connect and OAuth 2.0 apps can access that resource, as per the documentation.

BeataSzturemska · April 25, 2024, 11:36am

Hi!
The /rest/api/*/webhook API is available only by apps as @sunnyape higlighted.
Those webhooks are signed with usage of a secret that is shared during the app installation process and this is why not an app user can’t use this API.

If you want to create a webhook as a regular user you can use the API described here.
Note admin permissions are required to perform this operation.

SeikyoCho · April 25, 2024, 2:01pm

Thank you @BeataSzturemska

Note admin permissions are required to perform this operation.

How to confirm and set admin permissions?

I tried to find it out on this page:

Atlassian account

But it shows

Managed account

Your account is managed.
Contact your administrator to change your email address.

I registered the atlassian account by myself, why this account is managed? By who?

BeataSzturemska · April 25, 2024, 6:02pm

If you can see a webhooks configuration page in Jira, it means you have required permissions to add them.

If you are looking for a way to check it programmatically, then you can use /rest/api/3/mypermissions?permissions=ADMINISTER endpoint and parse the value returned in the havePermission field.

In order to grant access for a user, org admin needs to go to https://admin.atlassian.com/, choose the proper instance, later the product (ex. Jira Software), and add the user to the administrators group.

Hope it helps.

SeikyoCho · May 2, 2024, 2:26pm

The webhook registered by /rest/api/*/webhook 's response:

{
  "webhookRegistrationResult": [
    {
      "createdWebhookId": 1
    }
  ]
}

The post request with headers when trigger event:

{
  host: 'my-domain.com',
  'user-agent': 'Atlassian Webhook HTTP Client',
  'content-length': '7269',
  accept: '*/*',
  'accept-encoding': 'gzip,deflate',
  authorization: 'Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
  'content-type': 'application/json; charset=UTF-8',
  'x-atlassian-webhook-flow': 'Primary',
  'x-atlassian-webhook-identifier': '1111111111111111111',
  'x-b3-sampled': '0',
  'x-b3-spanid': '111111111111111111',
  'x-b3-traceid': 'aaaaaaaaaaaaaaaaaaaaaaaaaa',
  'x-forwarded-for': 'IPv6',
  'x-forwarded-host': 'my-domain.com',
  'x-forwarded-proto': 'https'
}