How to set JWT to get App used by specified user and not my App it self?

matti.kiviharju · January 25, 2021, 5:27pm

Just now if I try to add a work-logs with my app then work-log author is App name it self.

My code is now like this with PHP:

$qsh = hash('sha256', "POST&/rest/api/2/issue/".$issueId."/worklog&");

$iat = (integer) time();
$exp = (integer) time() + 3600;

$token = array(
	"iss" => $appKey, // app key from atlassian-connect.json
	"iat" => $iat,
	"exp" => $exp,
	"qsh" => $qsh
);

$jwt = JWT::encode($token, $secret); // $secrect variable comes from installed.txt file on my server's secret folder with no any access to file from out-side

richard.white · January 25, 2021, 6:36pm

In order to create the worklog as the user, you will need to use User Impersonation as detailed here:
https://developer.atlassian.com/cloud/jira/platform/user-impersonation-for-connect-apps/

matti.kiviharju · January 26, 2021, 2:56pm

Thanks. This documentation will help me a lot but I need t investigate how do it programmatically.