I also have a forge app which displays additional content on the jira tickets.
As per the article I will need to create a separate OAuth App to be able to authenticate from an external source. That does not make sense. So I will need to ask my users to install two separate apps? One to display info on the ticket and another one to be able to create access Jira api from outside?
Hi @PG1 - yes, it is frustrating at the moment that we don’t have a good way to share authentication between a Forge app and an external service.
You could create a secondary OAuth client as you describe, but the user will have to authenticate twice to fully use all your functionality.
Alternatively, you could use a Forge Web Trigger module to expose a URL for invoking a forge function, and then use that as an RPC-style mechanism for your remote service to call Jira APIs.
(Note: Because Web Triggers are unauthenticated, it would be important for you to ensure that you validate the incoming request to the web trigger to make sure it is authentic).
We are planning some improvements for this specific problem over the next 6-12 months, but no details I can share yet.