1

I am trying to to build a plugin for JIRA where I was using REST API. Using Jersey client to connect web resource and getting the JSON response i.e ClientResponse. Here I am using Authorization in header and used Basic type authorization where it needs username and password. I want to use session or any other type of authorization technique because no one provide the password as plain text and then get encrypted both username and password and send the request. So my question is: is there any other way where REST API can be called in JIRA so that I can call other REST API without using password.
My code is :

    Client client = Client.create();
    String resturl="https://domainname.com/rest/gadget/1.0/currentUser";
    WebResource webResource = client.resource(resturl);
    ClientResponse response = webResource.header("Authorization", "Basic" + auth).type("application/json").get(ClientResponse.class);
    int statusCode = response.getStatus();
    String jsonResponse = response.getEntity(String.class);
    w.write("Status:"+statusCode);
    w.write("Response:"+jsonResponse);

I am getting the response from above code but nobody provides the password in plain text to access the resource. Anybody have any idea about that problem?

Improve this question

1 Answer 1

Reset to default
1

See JIRA REST API Reference:

Authentication

Any authentication that works with JIRA will work with the REST API. The prefered authentication methods are OAuth (examples) and HTTP Basic (when using SSL), which are both documented in the JIRA REST API Tutorials. Other supported methods include HTTP Cookies and Trusted Applications.

JIRA uses cookie-based authentication in the browser, so you can call REST from Javascript on the page and rely on the authentication that the browser has established. To reproduce the behavior of the JIRA log-in page (for example, to display authentication error messages to users) can POST to the /auth/1/session resource.

Authentication for Atlassian Connect add-ons

JIRA add-ons built with Atlassian Connect can use JWT in order to easily and consistently authenticate API requests with JIRA and verify the integrity of query parameters. Consult the Atlassian Connect JWT authentication documentation to learn more.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Can you please provide the working example of OAuth. Because in JIRA documentation, provided only how to get token and use that token. Please provide any working java program. Any help is appreciated.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.