Rest API V3 URLs: should site-url be api.atlassian.com or specific instance host?

As we are building a new Oauth 2 3LO based app, we are following the excellent docs.
It suggests that with the resulting access token, we should make requests to api.atlassian.com using this base URL:

api.atlassian.com/ex/jira/11223344-a1b2-3b33-c444-def123456789/rest/api/2

However, the main REST API V3 docs (I cannot post the link here as I’m a new user) suggest using the specific instance host:

your-domain.atlassian.net/rest/api/3/

Which way is the right way today and in the future? Does it depend on whether we are using Oauth2, or whether we want API v2 or v3?

Thanks,
Jackie

1 Like

Hi @JackieTung,

The Jira REST API supports being called by both OAuth 2.0 (3LO) apps and Connect apps. OAuth 2.0 (3LO) apps must use api.atlassian.com whilst Connect apps must use your-domain.atlassian.net. The different base URLs are based on differences in the way we authenticate and authorize requests.

Regards,
Dugald

1 Like

Very clear, thank you.

Thank you for the quick answer, I am facing an issue in this context and would like to confirm my setup is correct.

I have a Connect App installed in my JIRA cloud instance, in development mode, which has a webhook defined for Project creation.

When my app receive a call to the project_creation webhook, I want to create an Issue webhook via the /rest/api/2/webhook.

The connected app is written in NodeJS and I am using Axios library to make a POST request to the issue creation webhook API.

In this request I correctly set the OAuth 2.0 authorization token but always get

  • 400 error response using the api.atlassian.com/ex/jira/<cloudId>/rest/api/2/webhook
  • a 401 “client must be authenticated to access this resource” when using <my-project>.atlassian.net/rest/api/2/webhook

What would be the correct way to authenticate a call to JIRA REST API from within a Connect App?

If JWT is intended to be used in this case, can you give me an example on how to generate the JWT token for the REST API call, using the atlassian-connect-express?

Thank you!

Answering myself: Atlassian-Connect-Express comes with a utility httpClient based on Request, which automatically handle the JWT token for REST API requests:
https://bitbucket.org/atlassian/atlassian-connect-express/src/master/README.md see section " How to send a signed outbound HTTP request back to the host" in README.md.

Specifically, the part of the ACE library handling the JWT is here, I paste as a note for future me or whoever might be interesting in knowing how this works, since Request library has been deprecated in Feb 2020, might get handy to see how to replicate this utility using other libraries for REST API request.

OAuth does not seems related here, I mixed different types of Atlassian Apps I guess