JIRA OAuth API Options

ThijsLecomte · February 5, 2021, 10:19am

Hi all

I am currently trying to integrate a third party application to JIRA.
This application will create issues within JIRA Service Management - Cloud.

I am using the JIRA API with Basic Auth right now, but I want to switch Oauth Authentication.
But I am utterly confused by the documentation on which Auth to use and how.
Seems that there are two ways:
OAuth for REST APIs - https://developer.atlassian.com/cloud/jira/platform/jira-rest-api-oauth-authentication/
OAuth 2.0 (3LO) apps - https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/

For the use case I have, so a backend application creating issues in JIRA, which should I use?

Thank you in advance.

Kind regards
Thijs

bentley · February 24, 2021, 5:55pm

A clarifying question: do you want the application to create issues as the application or on behalf of a user? The former, I believe would use a 2LO (2 legged-auth) flow and the latter a 3LO (3 legged-auth).

It might also be worth editing the topic and moving it to the JSM Cloud Category as that Category is specifically for JSM Cloud conversations.

ThijsLecomte · February 24, 2021, 7:17pm

Thanks for the response. I am trying to do it as an application. Do you have the posibilities to provide some examples on how to do this?

I will update the category, can you ping a few folks to look into this?

Thank you!

ibuchanan · February 24, 2021, 9:11pm

@ThijsLecomte thanks for posting and welcome to the community.

I strongly recommend OAuth 2.0 (3LO) apps - https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/

The other is OAuth 1.0a. It is difficult to configure and use. Frankly, it’s not well documented because it’s more a “legacy” option that grew up in the world of on-premise Server. “That way leads to madness.”