Reputation: 11
How to call RESTAPI in JIRA without using password
I am trying to to build a plugin for JIRA where I was using REST API. Using Jersey client to connect web resource and getting the JSON response i.e ClientResponse. Here I am using Authorization in header and used Basic type authorization where it needs username and password. I want to use session or any other type of authorization technique because no one provide the password as plain text and then get encrypted both username and password and send the request. So my question is: is there any other way where REST API can be called in JIRA so that I can call other REST API without using password.
My code is :
Client client = Client.create();
String resturl="https://domainname.com/rest/gadget/1.0/currentUser";
WebResource webResource = client.resource(resturl);
ClientResponse response = webResource.header("Authorization", "Basic" + auth).type("application/json").get(ClientResponse.class);
int statusCode = response.getStatus();
String jsonResponse = response.getEntity(String.class);
w.write("Status:"+statusCode);
w.write("Response:"+jsonResponse);
I am getting the response from above code but nobody provides the password in plain text to access the resource. Anybody have any idea about that problem?
Upvotes: 1
Views: 1095
Answers (1)
Reputation: 17009
Authentication
Any authentication that works with JIRA will work with the REST API. The prefered authentication methods are OAuth (examples) and HTTP Basic (when using SSL), which are both documented in the JIRA REST API Tutorials. Other supported methods include HTTP Cookies and Trusted Applications.
JIRA uses cookie-based authentication in the browser, so you can call REST from Javascript on the page and rely on the authentication that the browser has established. To reproduce the behavior of the JIRA log-in page (for example, to display authentication error messages to users) can
POSTto the/auth/1/sessionresource.Authentication for Atlassian Connect add-ons
JIRA add-ons built with Atlassian Connect can use JWT in order to easily and consistently authenticate API requests with JIRA and verify the integrity of query parameters. Consult the Atlassian Connect JWT authentication documentation to learn more.
Upvotes: 1
Related Questions
- How to get value from a JIRA REST API in Postman
- JIRA Creating Bug using Rest Assured API's : AuthenticationException: Invalid Username or Password
- How to make jira attachments download work using jira rest api
- Need to get project/issues from JIRA using JIRA REST API with NodeJS
- Is there a difference when using the Jira Rest API manually vs. programmatically?
- Failure in updating Atlassian Jira label using REST API
- JIRA CLI Commandline Not Authenticating With Password Federation
- Force curl to authenticate against JIRA REST API without specifying password on command line
- JIRA REST API - Basic Authentication