How to find out the site authorized by a user during OAuth 2.0 authorization step?

I have created the OAuth 2.0 app in the console and have completed the necessary setups that are required to get an access token.
So, now when I try to get an access token I get the consent screen for authorization by JIRA. If a user has access to multiple sites he/she is presented with a dropdown of all the sites, from which they need to select the site they want to authorize.


After completing this step I am getting the access token which I can use to make various API calls.

This access token didn’t have any details regarding the site that was authorized. So I was wondering if it is possible to find out which site was authorized by the user during the OAuth 2.0 authorization step?

@DevdootMaji,

It is possible for a user to authorize multiple sites. As the flow exists now, there isn’t a way to find which one was the most recently authorized one. But, there is a way your client can get the list of all authorized sites by getting the list of accessible resources. Be careful here; I’ve seen many clients assume the list will only contain 1 member. That might hold true in testing, but that’s not true for all production cases.

Thank You for clarifying my doubt. I do have another question.

So I created the OAuth app and did all the required steps to make it work. I have set the status of the app as Sharing.

I was able to authorize my account using OAuth2 (3LO) and got the access token in exchange. I was able to make various API calls using this.

Then it was time to add a customer to a JSM project and allow them to open issues. I added a customer and logged in with the customer account. I can view the service desks on the JSM portal.

But, when I try to authorize this account using OAuth2 (3LO) it says “Incorrect email address and/or password.”

This account probably falls under the category called portal-only customer accounts.

So I wanted to know, does the customer don’t have the feature to connect to OAuth2 and raise a request via the API?

Unfortunately, no. Just a couple weeks ago I wrote this on a different thread:

The most important part is to watch, vote, and comment on this open issue:
https://jira.atlassian.com/browse/JSDCLOUD-4065

1 Like

Thank You, is there any other workaround by which a Customer with their Portal-only account can make the API calls?

Not to my knowledge.