Hello, I have a security requirement to rotate / refresh the API Key on an Operations Integration. I want to do this automatically, is there a way to do this with the REST-API ? Thanks
Hello @KyleSouthworth
The information about how to refresh OAuth tokens is described in great detail in the Jira Cloud REST API documentation and also in the OAuth 2.0 documentation.
PS, You don’t refresh keys, you refresh tokens.
Welcome to the Atlassian developer community @KyleSouthworth,
To elaborate on the answer provided by @sunnyape, the ideal way to handle security would be OAuth. However, JSM has been assembled from a number of acquisitions, which means there are still a number of API groups that don’t support Atlassian’s standard OAuth 2.0. For example, JSM Incident management is still tied to API Keys. Moreover, those API Keys are unique to that API group. So, it would greatly help disambiguate your question to point to the specific APIs used in your “Operations Integration” to give you the most precise answer.
Hi ibuchanan
I am using the terminology I can see in the UI. Hopefully this will help you: /jira/settings/products/ops/integrations/
I have a number of AWS Cloudwatch integrations and want to automate the rotation of their API keys. You can do this in the UI by editing the integration, editing the integrations settings and clicking the API key refresh button. Obviously hitting this will render the integration offline until I manually update the AWS SNS Topic subscription within the AWS console. Since we utilise IaC to setup our AWS environments, I want a method to automate the rotation of this integration key. Seeing if this can be done with the REST-API will be the first step. More than likely I will then build an AWS lambda to rotate the key, and update the AWS SNS Topic subscription.
Thanks - I hope this explains further.
Ahh, OK, with that extra information about what you mean by an ‘Operations Integration’ I think I can faithfully say that you’re well and truly out of luck. The mechanism for managing the auth keys and SNS Topic related account information is ‘baked into’ the AWS Cloudwatch plug-in itself and the UI is the only interface for changing that information.
None of the Jira or JSM Operations REST API endpoints have any capability to interact with plug-ins in that manner or to that extent. The only endpoints are these ones that allow you to get basic information about the installed integrations and their actions, or do very basic management.
Thanks for the update…