How to fetch the JWT token for Jira Connect Apps

Hi Community, let me explain the entire context here for better understanding.

So, we have an Atlassian connect app named JFrog Security Provider(JSP). Once the app is installed we need to configure the app by providing out internal platform credentials. In our case, these are: JFrog Platform Url and Access token with admin privileges.

Now, we are planning to write automated sanity test in Groovy for the same, and we also have functions in our framework that generates and brings us the Platform Url and the Access token.

Once these are fetched, while making any API call to the JSP Connect App, we need to attach the JWT token in the authorisation header of our request. Now, since the JWT token is injected by Atlassian after the installation, and it needs to be secured, there is no way I can retrieve the JWT token and hence, unable to make any API call.

As a result of which, we cannot write the automated E2E sanity tests for our use case.

Let me explain the flow of one of our test functions:

Objective: Test platform configuration

→ Host a temporary dev2cloud environment for the tests to run and fetch the platform URL. (Works as expected)

→ Generate the admin access token from the platform and store it. (Works as expected)

→ Fetch the UPM token from Jira, and install the Connect App. (Works as expected)

→ Make a POST call to the installed JSP Connect App to configure with JFrog platform. This step requires the JWT token and hence failing due to JWT token unavailability and therefore getting 401 Unauthorised error as a response. (Need help here)

Is there any way, we can retrieve the JWT token as part of our current use case?

Hi @SoumikMukherjee ,

Welcome to the community.

As per my understanding, since you’re building a connect app, you must have initialised your atlassian-connect.json file. Can you locate any “module” key in it in which you may have defined some “general pages”. If so, could you verify if there are any so that I can assist you further based on the information.