REST API Authentication On Atlassian using Github as OAuth Provider

Enhance API Security for Jira REST APIs with OAuth/API Token plugin will let you authenticate any application (Jira, Confluence, Bitbucket) APIs using any third-party OAuth/OIDC provider or API Tokens. The app supports Azure AD, Keycloak, Okta, AWS Cognito, Google, Github, Slack, Gitlab, Facebook, and any custom provider.

Atlassian provides REST APIs to perform several operations such as Create Page, Delete Page, Add Comment, Create Space, etc. However, it supports only two authentication methods for REST APIs:

1. Basic Authentication

2. Using OAuth 1.0

    Try it for free

Step 1: Configure Github Server:

• Login to GitHub : Go to Github Developer and login with your account. Click on settings.

• Select Developer settings. And Select OAuth Apps and click on Register a new application button.
 
• Enter app credentials : Enter app name, plugin homepage URL. Enter the Application base URL under Authorized callback URL field.
 
• Copy Client ID and Client Secret.
 

Step 2: Fetch Access token through POSTMAN:

• Open the Postman Application (Here is the link to download Postman Application).
• Go to Authorization tab.
• From the dropdown select type as OAuth 2.0 and  click on Get access token.
• Add the following information from the table below.
• Postman starts the authentication flow and prompts you to use the access token.
• Select Add token to the header.



Grant type	Authorization Code or Client Credentials
Callback URL	Enter application's base URL if you dont have a callback URL
Auth URL	https://github.com/login/oauth/authorize
Access token URL	https://github.com/login/oauth/access_token
Client ID	Enter the Github Client ID
Client secret	Enter the Github  Client secret
Scope	Blank
Client Authentication	Send as Basic Auth Header


 
• Copy the Access Token or click on Use Token.
• A sample access token from Github Provider looks like this.

A834c0606ba71336423013699db8e971



                

Step 3: Fetch Username through GitHub:

• Choose the method type as "GET".
• Enter the interoception Endpoint from the plugin to fetch the username in the Request URL. For Github it is "https://api.github.com/user".
• Go to the Authorization tab select the Bearer Token and enter the access token here.
• Add the header "content-type: application/json" and click on Send.

     curl 
                    -X GET 
                    -H "Authorization: Bearer <Access Token>" 
                    -H "Content-type: application/json" 
                    https://api.github.com/user

Copy the attribute value against the username, you will need to configure it in plugin. In this example, the value is "login".

Step 4: Configure the Rest API plugin:

1: Enable Rest API Authentication:

• After installing the app, click on Configure to configure plugin.
• Select the Authentication type and navigate to Oauth/OIDC tab, then click on Configure.
• From the drop down select Github as OAuth Provider.
• Enter the attribute value against which we received the username in the Postman response.
• Save the settings.
• Now navigate to the Global Settings tab.
• Here you will have to Enable the Authentication through Enable REST API Authentication and click on Save.
• To configure the username attribute, click on Get username/email Attribute button.

• Paste the OAuth 2.0 Access token obtained from the OAuth provider and click on Get response.
• In the received response, copy the JSON attribute against which you are receiving the username/email of the user in the local directory and paste it into the Username/Email Attribute input field, and click on Save.

Step 5: Test REST API using access token:

Additional Resources

• Rest API Authentication Methods?
• Azure AD as OAuth Provider/OpenID Connect
• Frequently Asked Questions (FAQs)