PAT Authentication Roadblock in Jira App DC

Hello,

We are currently working on implementing Personal Access Token (PAT) authentication in our Jira DC app to support authentication from third-party software. However, we’ve encountered critical challenges due to limitations in Jira’s Seraph authentication flow:

  • Seraph natively supports only Basic Auth and form-based authentication. It does not handle Bearer tokens (PATs) by default.
  • Seraph filters execute before any custom servlet filters, which prevents our custom PAT validation filter from being invoked early enough to authenticate incoming requests.
  • As a result, we are unable to authenticate the PAT provided in our third-party software before Seraph rejects the request.

Could you please advise on how to best implement PAT authentication in this scenario? Specifically:

  • Are there recommended approaches or configurations to enable token-based authentication alongside Seraph?
  • Is there any configuration or extension point available within Jira or Seraph to support early processing of Bearer tokens?

Your guidance on this would be highly appreciated.

Thanks.