Authenticating Jira Rest API with existing OAuth Token from SSO

miniOrange x Stretch

Stretch Enhances API Authentication with Seamless Integration of Jira OAuth SSO and REST API Plugin

Use Case: Authenticating REST APIs using access token obtained from Identity Provider (IDP) during Single Sign-On (SSO)

Stretch is an established miniOrange customer that uses our Jira OAuth SSO plugin for user authentication via IDP. They wanted a solution that would enable users to authenticate REST APIs using the access token obtained during Jira SSO, without having to generate new tokens. To fulfill this requirement, we developed a solution facilitating REST API authentication through the REST API Plugin using the access token obtained during Jira OAuth SSO.

Solution We Provided

We met the aforementioned requirements by making some customizations to both plugins. In the Jira OAuth SSO Plugin, we implemented a process to store the access token received from the IDP after successful user authentication. This access token is encrypted and stored, allowing the user to utilize it for accessing REST APIs.
Meanwhile, in the REST API Plugin, we implemented a process to decrypt the access token and validate it with the IDP. Once the access token is successfully validated by the IDP, the plugin grants access to the Jira REST APIs.

How the Solution Works

  • When a user attempts to access the Jira Application, they are redirected to the IDP for SSO authentication.
  • Upon successful authentication via the IDP, the Jira OAuth SSO Plugin encrypts and stores the access token.
  • Users can utilize this encrypted token for authentication when accessing the REST API.
  • The REST API Plugin then decrypts and validates the access token using the introspection URL provided by the IDP.
  • Access to the API is granted only upon successful validation of the token.
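The validation step in the flow above, sketched as an added example (not miniOrange's plugin code): it builds an OAuth 2.0 token introspection request (RFC 7662) and grants access only on an unambiguous active response. Assumptions: the token has already been decrypted, the IDP accepts HTTP Basic client authentication, and all function names and sample values are hypothetical.

```python
import base64
import json
import time
import urllib.parse


def build_introspection_request(url, token, client_id, client_secret):
    """Return (url, headers, body) for an RFC 7662 introspection POST."""
    creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {
        "Authorization": f"Basic {creds}",  # assumed client auth method
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json",
    }
    body = urllib.parse.urlencode(
        {"token": token, "token_type_hint": "access_token"}
    )
    return url, headers, body


def is_token_valid(status, raw_body, now=None):
    """Fail closed: return (True, user) only for a clearly active token."""
    now = time.time() if now is None else now
    if status != 200:
        return False, f"IDP returned HTTP {status}"
    try:
        claims = json.loads(raw_body)
    except (TypeError, ValueError):
        return False, "response is not JSON"
    # "active" must be the JSON boolean true; a string "true" is rejected.
    if not isinstance(claims, dict) or claims.get("active") is not True:
        return False, "token not active"
    exp = claims.get("exp")
    if exp is not None:
        # exp is optional in RFC 7662; if present it must be a future number.
        if isinstance(exp, bool) or not isinstance(exp, (int, float)):
            return False, "exp malformed"
        if exp <= now:
            return False, "token expired"
    return True, claims.get("username") or claims.get("sub")


# Constructed sample IDP responses (not captured from a real IDP).
SAMPLE_ACTIVE = '{"active": true, "exp": 2000, "username": "alice"}'
SAMPLE_REVOKED = '{"active": false}'
```

An IDP outage or a malformed response results in a denied request rather than a granted one, which is the behaviour to check when testing a deployment of this pattern.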

Key Benefits of the Solution

  • Reduced complexity: Utilizing the SSO access token eliminates the need for users to generate new tokens for API requests, streamlining usability.
  • Automation: Storing the access token in the API enables seamless authentication when accessing REST APIs.
  • Security: Encrypting the access token adds an additional layer of security, minimizing the risk of token theft or interception. Moreover, validating the token through the introspection URL ensures that only valid and authenticated users can access the APIs, bolstering overall system security.

Your needs, Our solution:

Experience the difference with miniOrange, just as Stretch.se did. Need assistance with Single Sign-On (SSO) or our REST API Plugin? Reach out to us at info@xecurify.com or call +1 978 658 9387 for expert support.