I am integrating Jira Cloud using the OAuth 2.0 (3LO) authorization flow. During the consent screen, the user is asked to select a specific Jira site (cloud instance). However, after the access token is issued, when I call the /oauth/token/accessible-resources endpoint, I receive multiple cloud sites, and there is no clear way to identify which one was selected by the user during the consent step.
My concern is:
- I only want to connect the user to the specific Jira site they selected during consent.
- The returned cloud IDs all have the same scopes, so I cannot filter by permissions.
- There is no indication in the access token response or accessible-resources response to determine the selected site.
Questions:
- Is there a supported way to retrieve the specific cloud ID the user selected on the consent screen?
- If not, is this expected behavior? Is there a workaround you recommend beyond asking the user to pick the site again after authentication?
Thanks in advance for your help.