JIRA REST API Access via JAVA using JWT


We are trying to access JIRA REST API for creating / reading the issues e.g. https://thegarden.atlassian.net/rest/api/2/issue/EE-59.

Can you please share some samples that how we can generate JWTs?

Just to give you more background:

We have already integrated zephyr in JIRA and accessing it’s REST API using JWT which is getting generated using accesKey and secretKey in ZAPI.

Now to go to next level we have to create the Issues in JIRA in case a test is failed.

so for that we have to access JIRA REST API and perform the actions.

Can you please share the information on how we can generate JWT using JAVA and consume it for GET/POST event on JIRA REST?


The short answer is to use the atlassian-jwt library. And follow the Java code example found in JIRA’s JWT documentation. Let us know if you run into any specific problems.

Hey @ibuchanan,

Thanks for the answer.

I found the library and sample implementation.

However issue is that for REST Access do i need to ‘mandatorily’ create a Add-on and then get the consumer/secret keys etc and then generate JWT out of it.

Or is there a way in JIRA wherein I can get my access Keys and use them to generate the JWT?

Best Regards,

In the link above:

String key = “atlassian-connect-addon”; //the key from the add-on descriptor
String sharedSecret = “…”; //the sharedsecret key received
//during the add-on installation handshake

What is the key and sharedSecret?

String method = “GET”;
String baseUrl = “https://thegarden.atlassian.net/”;
String contextPath = “/”;
String apiPath = “/rest/api/2/issue/EE-59”;

JWT is not mandatory. But it has many benefits over the alternatives like using Basic auth or OAuth 1.0.

I wonder if you have discovered Atlassian Connect Spring Boot? It’s a Java framework that helps you avoid worrying about many of the tedious aspects of handling lifecycle callbacks and generating JWT.

If you’re not using the Spring Boot framework and just have plain Java, then the most difficult part creating JWT is Atlassian’s custom claim, the query string hash, or just QSH. Hence, fall back to the atlassian-jwt library above.