How to find out the site authorized by a user during OAuth 2.0 authorization step?

I have created the OAuth 2.0 app in the console and have completed the necessary setups that are required to get an access token.
So, now when I try to get an access token I get the consent screen for authorization by JIRA. If a user has access to multiple sites he/she is presented with a dropdown of all the sites, from which they need to select the site they want to authorize.


After completing this step I am getting the access token which I can use to make various API calls.

This access token didn’t have any details regarding the site that was authorized. So I was wondering if it is possible to find out which site was authorized by the user during the OAuth 2.0 authorization step?

1 Like

@DevdootMaji,

It is possible for a user to authorize multiple sites. As the flow exists now, there isn’t a way to find which one was the most recently authorized one. But, there is a way your client can get the list of all authorized sites by getting the list of accessible resources. Be careful here; I’ve seen many clients assume the list will only contain 1 member. That might hold true in testing, but that’s not true for all production cases.

Thank You for clarifying my doubt. I do have another question.

So I created the OAuth app and did all the required steps to make it work. I have set the status of the app as Sharing.

I was able to authorize my account using OAuth2 (3LO) and got the access token in exchange. I was able to make various API calls using this.

Then it was time to add a customer to a JSM project and allow them to open issues. I added a customer and logged in with the customer account. I can view the service desks on the JSM portal.

But, when I try to authorize this account using OAuth2 (3LO) it says “Incorrect email address and/or password.”

This account probably falls under the category called portal-only customer accounts.

So I wanted to know, does the customer don’t have the feature to connect to OAuth2 and raise a request via the API?

Unfortunately, no. Just a couple weeks ago I wrote this on a different thread:

The most important part is to watch, vote, and comment on this open issue:
https://jira.atlassian.com/browse/JSDCLOUD-4065

1 Like

Thank You, is there any other workaround by which a Customer with their Portal-only account can make the API calls?

Not to my knowledge.

So when user’s account has access to multiple sites and exact site was selected in OAuth2 form (field “Authorize for” in consent screen), there are no way how to track this selection, right?
Is it a problem to return it as additional parameter in redirect URI?

Seems application have to implement additional query to user for the same thing … site selection from list. Doesn’t this look weird?

1 Like

Hey @ibuchanan do we have any solution to find which option was selected in the authorization page?