We are creating a plugin for JIRA report generation that accesses various fields via REST APIs. To accomplish this, our code requires valid authentication credentials—whether that be a username and password combination or dedicated authentication tokens. Since JIRA does not provide direct access to stored passwords, we are seeking guidance on how to obtain these REST authentication tokens. Additionally, a helper class in our project utilizes REST requests to fetch custom field data. Any insights on the proper approach?
i ended up retrieving tokens by directly calling the login endpt and then parsing the returned json. this simple httprequest method worked well, though i had to adjust error handling when json parsing failed unexpectedly. its a straight-forward approach if you manage session timeouts correctly.
During a similar implementation, I used JIRA’s session creation endpoint to generate authentication tokens on the fly. The method involves making an HTTP POST call to the /rest/auth/1/session endpoint with valid credentials. In response, you receive a JSON object including a session cookie which acts as your authentication token for subsequent REST calls. This approach bypasses the need for storing passwords directly in your code. I also considered using API tokens for Atlassian Cloud. Remember to handle session expiry and implement proper error handling as part of your integration.
In my last project involving JIRA integration, I found that using OAuth to retrieve REST authentication tokens was the most secure option. Initially, I considered utilizing the session creation endpoint similar to traditional approaches but chose OAuth after learning about its enhanced security features. Setting up OAuth was a bit more time-consuming and required creating proper application links within JIRA; however, the benefits far outweighed the challenges. I dealt with token expiration by implementing a refresh mechanism to ensure continuous access through automated token renewal. Despite some early hurdles, the robustness of this approach proved invaluable over time.