Wiki

Clone wiki

API Tokens for Jira / Home

API Tokens for Jira/Confluence

How to configure the plugin?

The app has no configurations and works out-of-the-box.

But do not forget about a valid license. Without it users will be able to manage tokens however, authentication via tokens will not work

Invalid_license_message.png

Where can I get a token?

With API Tokens plugin each user will get the ability to manage their tokens on the User's Profile page:

Link_to_profile_page.png

Direct link would be {base_url}/secure/ViewProfile.jspa

For Confluence you should additionally choose Settings tab

On the left side at the bottom of a Summary block should be API tokens block with Create API token button like on the image below:

No_tokens_created_yet.png

Then:

  • Click on Create token button
  • Add a meaningful name for a token
  • Click generate
  • Copy it and use it on automation/integration

How to use API Token?

API Tokens suppose to be used in automation scripts or external integrations that require Jira or Confluence credentials

Here is an example with the curl command

For Jira:
curl -s {baseurl}/rest/api/latest/configuration --user {username}:{token}

For Confluence:
curl -s {baseurl}/rest/api/user/anonymous --user {username}:{token}

General Considerations

  • Highly recommended to use a secure transport layer for tokens sending (SSL/TLS)
  • Good practice to use one token per script
  • Keep tokens in secret as you do for passwords
  • Add meaningful labels to each token

What about Data Center or Jira Service Desk support?

Data Center approval was done for Jira and Confluence.

Jira Service Desk is fully compatible at least from v3.14.2 (but might support even lower versions).

A few technical details

  • Tokens usage is limited to REST API (URL pattern "/rest/*") and HTTP basic access authentication
  • Without a valid license still possible to manage tokens but authentication will not work
  • Each token authentication is logged in the following format:
    {username} has been authenticated via API Token ({token_id})
  • Tokens stored in this table are salted and hashed
  • By these IDs you can track requests in logs
  • All tokens are securely stored in the following table
    • AO_5D4005_TOKEN for Jira
    • AO_2DF51C_TOKEN for Confluence

REST API

Get all tokens

GET {baseurl}/rest/api-tokens/latest/

Response example:

[ { "label":"Test Token", "createdAt":1572887594746, "lastAccessed":null, "id":"asp_DquJoZLwlsNJm6gU" } ]

Create token

POST {baseurl}/rest/api-tokens/latest/

Request Payload:
{"label": "New token"}

Response Example:
{"passwordValue":"oKSi1zHsS8H0wM8merxGJ5zY4BvlA0XV0F6"}

Delete token

DELETE {baseurl}/rest/api-tokens/latest/{id}

Response status code:
204

Delete all tokens for the current user

DELETE {baseurl}/rest/api-tokens/latest/all

Response status code:
204

Admin access only

Get tokens for all users

GET {baseurl}/rest/api-tokens/latest/all

Response status code:
200

Response example:

[
  {
    "username": "admin",
    "count": 2,
    "tokens": [
      {
        "id": 12,
        "label": "Jenkins",
        "usageCount": 12,
        "createdAt": "2024-06-03T17:13:59.304",
        "lastAccessed": "2024-06-04T17:13:00.303",
        "expirationDate": null
      },
      {
        "id": 13,
        "label": "Python script",
        "usageCount": 0,
        "createdAt": "2024-06-03T17:14:05.791",
        "lastAccessed": null,
        "expirationDate": null
      }
    ]
  },
  {
    "username": "user",
    "count": 1,
    "tokens": [
      {
        "id": 14,
        "label": "My Automation",
        "usageCount": 0,
        "createdAt": "2024-06-03T17:15:10.582",
        "lastAccessed": null,
        "expirationDate": "2024-06-04T17:15:10.415"
      }
    ]
  }
]

API Tokens for Jira
API Tokens for Confluence
info@wombatscorp.com

Updated