Wiki
Clone wikiAPI Tokens for Jira / Home
API Tokens for Jira/Confluence
How to configure the plugin?
Plugin has no configurations and works out-of-the-box.
But do not forget about a valid license. Without it users will be able to manage tokens however, authentication via tokens will not work
Where can I get a token?
With API Tokens plugin each user will get an ability to manage own tokens on the User's Profile page:
Direct link would be {base_url}/secure/ViewProfile.jspa
For Confluecne you should additionally choose Settings tab
On the left side in the bottom of a Summary block should be API tokens block with Create API token button like on image bellow:
Then:
- Click on Create token button
- Add a meaningful name for a token
- Click generate
- Copy it and use on automation/integration
How to use API Token?
API Tokens suppose to be used in automation scripts or external integrations that requires Jira or Confluence credentials
Here is an example with curl command
For Jira:
curl -s {baseurl}/rest/api/latest/configuration --user {username}:{token}
For Confluence:
curl -s {baseurl}/rest/api/user/anonymous --user {username}:{token}
General Considerations
- Highly recomended to use secure transport layer for tokens sending (SSL/TLS)
- Good practice to use one token per one script
- Keep tokens in secret as you do for passwords
- Add meaningful labels to each token
What about Data Center or Jira Service Desk support?
Data Center approval done for Jira and for Confluence.
Jira Service Desk fully compatiable at least from v3.14.2 (but might support even lower versions).
A few technical details
- Tokens usage is limited to REST API (URL pattern "/rest/*") and HTTP basic access authentication
- Without valid license still posible to manage tokens but authentication will not work
- Each token authentication logged in followin format:
{username} has been authenticated via API Token ({token_id})
- Tokens stored in this table salted and hashed
- By this IDs you can track requests in logs
- All tokens securely stored in following table
- AO_5D4005_TOKEN for Jira
- AO_2DF51C_TOKEN for Confluence
REST API
Get all tokens
GET {baseurl}/rest/api-tokens/latest/
Response example:
[ { "label":"Test Token", "createdAt":1572887594746, "lastAccessed":null, "id":"asp_DquJoZLwlsNJm6gU" } ]
Create token
POST {baseurl}/rest/api-tokens/latest/
Request Payload:
{"label": "New token"}
Response Example:
{"passwordValue":"oKSi1zHsS8H0wM8merxGJ5zY4BvlA0XV0F6"}
Delete token
DELETE {baseurl}/rest/api-tokens/latest/{id}
Response status code:
204
Delete all tokens for current user
DELETE {baseurl}/rest/api-tokens/latest/all
Response status code:
204
API Tokens for Jira
API Tokens for Confluence
info@wombatscorp.com
Updated