I’m trying to figure out how I can build an OAuth integration with Jira.
It seems it is possible but I need your help to figure out something:
- Can I use just one OAuth integration for both Jira Cloud and Jira server?
- Is there any review process for the OAuth integration?
Thanks in advance
Hi @Joo, welcome to the Atlassian developer community.
Can I use just one OAuth integration for both Jira Cloud and Jira server?
No, with 1 exception: OAuth 1.0a. This is same in both Cloud and Server/Data Center. But I strongly advise against using it. The guide documentation can be hard to follow and there isn’t a good foundation of reference documentation. In both Cloud and Server/Data Center there are desires to retire the technology (to be clear, desire is not a plan). Overall, I have worked with developers using OAuth 1.0a and it is painful for all involved.
Is there any review process for the OAuth integration?
Yes, for Jira Cloud. As described in the 3LO documentation, review is necessary for distributing 3LO apps.
Thank you for your answer.
Ok, so I should follow this documentation for the Jira Cloud and this one. Am I right?
About the review process… The idea is not to distribute this as a Jira add-on or app. I’m planning to build an integration with Jira. This is for our users to be able to use their own projects’ data in our app. Is the review process also needed for this use case?
Yes, you have the right documentation.
The term “distribution” is overloaded here. Everyone understands the meaning of distribution as putting it on Marketplace so anyone can use it. But read the documentation closely and you will find:
OAuth 2.0 (3LO) apps are installed on a per-user basis, so you’ll have to send the link to all the users you want to grant access to.
In other words, if you want other people to use the integration, then you still must submit a ticket for review.