Authenticating Jira Rest API with existing OAuth Token from SSO

Stretch Enhances API Authentication with Seamless Integration of Jira OAuth SSO and REST API Plugin

We met the aforementioned requirements by making some customizations to both plugins. In the Jira OAuth SSO Plugin, we implemented a process to store the access token received from the IDP after successful user authentication. This access token is encrypted and stored, allowing the user to utilize it for accessing REST APIs.
Meanwhile, in the REST API Plugin, we implemented a process to decrypt the access token and validate it with the IDP. Once the access token is successfully validated by the IDP, the plugin grants access to the JIRA REST APIs.

• When a user attempts to access the Jira Application, they are redirected to the IDP for SSO authentication.
• Upon successful authentication via the IDP, the Jira OAuth SSO Plugin encrypts and stores the access token.
• Users can utilize this encrypted token for authentication when accessing the REST API.
• The REST API Plugin then decrypts and validates the access token using the introspection URL provided by the IDP.
• Access to the API is granted only upon successful validation of the token.

• Reduced complexity: Utilizing the SSO access token eliminates the need for users to generate new tokens for API requests, streamlining usability.
• Automation: Storing the access token in the API enables seamless authentication when accessing REST APIs.
• Security: Encrypting the access token adds an additional layer of security, minimizing the risk of token theft or interception. Moreover, validating the token through the introspection URL ensures that only valid and authenticated users can access the APIs, bolstering overall system security.

Experience the difference with miniOrange, just as Stretch.se did. Need assistance with Single Sign-On (SSO) or our REST API Plugin? Reach out to us at info@xecurify.com or call +1 978 658 9387 for expert support.