The root URL for OAuth 2.0 operations is: To simplify development, we have a separate downloadable API spec.
When making an API call, provide the access token as a bearer token in the header of your request. For example, track the expiration time and request a new token before the existing one expires (at least 30-60 seconds prior).
#JIRA CLIENT SETUP CODE#
Write your code to anticipate that a granted token might no longer work. It's set to 15 minutes, but you should check the value in the response.
The expiry time is included in the access token response. The access token expires after a period of time. Your integration can request an access token by calling, providing the OAuth 2.0 credentials (client ID and secret) generated from Jira Software.
#JIRA CLIENT SETUP SOFTWARE#
Authorizing your integrationĪn access token is required to authenticate your integration when calling the Jira Software Cloud APIs. This means that the credentials are not linked to the site admin that created them and that API calls are not made on behalf of the site admin. Note that this is a system-to-system integration. App uses the access token to call the product APIs.Authorization server returns an access token (also known as a JWT Bearer token).App POSTs the client ID and shared secret to the authorization server.This authorization method allows apps with the appropriate permissions to access resources and perform actions in Jira. Jira Software Cloud uses the JWT Bearer token authorization grant type for OAuth 2.0 (2LO). The integration uses the credentials to call the Jira Software APIs and send Jira-related data back to Jira Software Cloud.īefore you build your integration, you need to understand the authorization flow.For example, the credentials may be entered on a plugin screen in the on-premises tool. The site admin provides the credentials to the integration.See Integrating with self-hosted tools using OAuth for details. The site admin grants the permissions (for example, builds, deployments) for the credentials, as desired. A site admin creates OAuth 2.0 credentials (client ID and secret) in Jira Software Cloud.OverviewĪt a high level, this is how an integration that uses OAuth 2.0 works: However at the end of this page, we’ve provided an example integration, the Jira Software Cloud plugin for Jenkins, including a description of how it works and links to the source code. It won’t provide detailed instructions on building an integration (for example, a plugin, a script, etc), as these can vary depending on what you are building. This page provides instructions on implementing OAuth 2.0 authorization and calling the builds API, deployments API, development information API, and feature flags API. Currently, you can integrate with build and deployment tools, such as Jenkins development information from tools like repository managers and feature flag tools. Jira Software Cloud provides OAuth 2.0 credentials that you can use to integrate Jira Software Cloud with on-premises (self-hosted) tools.