Unlike traditional approaches, utilizing client credentials in OAuth 2.0 facilitates authorization without the need to disclose the user's email address or password to an external application. This is suitable for server-to-server communication or machine-to-machine interactions where there is no end-user to grant consent. This means that accessing Jira/Confluence content through APIs becomes more straightforward and secure.
This guide will walk you through the steps to configure authentication through a third-party OAuth token provider, through a Client Credential Grant.
Field | Value |
Provider Name | Enter the OAuth provider name |
Introspection Endpoint | Enter the introspection endpoint using which the token will be validated Eg. http://{providerURL}/oauth2/default/v1/introspect Note: URL pattern might change for different providers |
Redirect URI | Enter the redirect URI where the OAuth provider will redirect the response after validating the token Eg. http://localhost:8080/plugins/servlet/restauth/token Note: Redirect URI is {Base URL}/plugins/servlet/restauth/token |
Client ID | Enter the Client ID given by the provider |
Client secret | Enter the Client Secret given by the provider |
Scope | Include scope if required by the provider Eg. ‘openid email profile’ for okta as the provider |
Service Account username | Enter the username of the service account What is a service account? (on-click slide the info) [API calls are made on behalf of the user. However, when it comes to client credentials we do not want any user to get involved. Thus a new user account is created in the current directory that will be authenticated when a token is authenticated using client credentials.] |
Now that you have configured the details, you can retrieve the token from the provider.
🎊 Test Successful! You can proceed further.
Need Help?
If you encounter any difficulties configuring add-ons, please contact us at atlassiansupport@xecurify.com or raise a support ticket here.
Thank you for your response. We will get back to you soon.
Something went wrong. Please submit your query again
Jira SAML SSO application enables SSO for Jira Software and Jira Service Desk.
Know MoreSecure your Jira Service Management with OAuth/OpenID Connect SSO.
Know MoreEnable 2FA/MFA for users & groups and let users configure 2FA during their first login.
Know MoreBulk Activate, De-activate and Delete inactive users and save the license for Jira.
Know MoreIf you don't find what you are looking for, please contact us at support-atlassian@miniorange.atlassian.net or raise a support ticket here.