I’m a bit lost. According to the documentation to make a request to the REST API my app has to send the API key. But how to get it? Is it the same which I can generate here → Atlassian account ?
If yes, how my app can get it? Should I generate one and “hardcode” it in the app, or should it be set for every tenant on which my cloud app is installed? I’m a bit lost about this.
how to get it [an API token]? Is it the same which I can generate here → Atlassian account ?
Yes.
But I don’t follow between prior discussion and your recent assertion:
According to the documentation to make a request to the REST API my app has to send the API key.
For Connect, the Security for Connect apps docs explain:
When communicating server-to-server with the Atlassian host product your app uses a JWT token to access protected resources including most of the REST APIs. When you use the frameworks, this is handled for you.
If you are not using the frameworks, you can use JWT libraries to construct a token. See Creating a JWT token and the Atlassian-supported claims that you need to construct.
You should not need or use API tokens for a Connect App.
Hi @ibuchanan . thanks for the reply
As I understand request examples from the REST API (like this) are not for cloud app? According to this documentation I should send API key. Is that correct?
As I understand request examples from the REST API (like this) are not for cloud app? According to this documentation I should send API key. Is that correct?
No. That is not correct.
The docs for that specific request also explain:
Connect app scope required :
ADMIN
And at the top of the doc:
For Connect apps, authentication (JWT-based) is built into the Connect libraries. Authorization is implemented using either scopes (shown as App scope required for operations on this page) or user impersonation. See Security for Connect apps for details.