Jira Connect App authenticate with JWT

[Darkbound]

Hello,

I am in the process of building a Jira Connect App that I want to use to integrate my app with Jira spaces.

However, the Jira Connect Apps seem to be authenticating in a way that I don't see in the currently supported list of options, or I don't know exactly how to use the ones that currently exist, since the JWT generation depends on the key of the app, the specific path to the resource that I want to access, for example /rest/api/3/issue/ISSUE-1 and so on.

Is there a built in way to do this?

I love the package otherwise, I have used it for personal projects and now I want to go deeper into Jira.

Thanks

[MrRefactoring]

Hello @Darkbound! I had JWT auth in v2 of library. But don't have any info it was worked or not. Could you please install v2 and test it. After that I expect any info about results here

https://www.npmjs.com/package/jira.js/v/2.20.1

Thank you!

[Darkbound]

Hello @MrRefactoring thanks for getting back to me, I tested the older version and indeed it seems to be working. Would it be possible for you to re-add it? This is the only way to authenticate when integrating another platform with Jira basically, because the preferred way of doing it is with an App, that way we can generate tokens on the fly whenever needed, instead of having to deal with OAuth2 and bind the integration to a user instead of the whole Jira space.

I actually even forked it last night and was about to do it on my own, but luckily you replied quickly :D

[MrRefactoring]

Please describe me how to issue needed auth data for writing integration test?

[Darkbound]

@MrRefactoring what do you mean? You have it working in the previous version as you pointed out, is it not enough to simply restore the removed code?

https://github.com/MrRefactoring/jira.js/pull/284/files

In this PR you removed JWT and Oauth1, the JWT code is correct, it just needs to be restored.

[MrRefactoring]

I need to write a tests for this case. And also wanna save browser capability (reason why I cannot just restore removed code).

At the moment I have needed info how to generate issuer, secret data somewhere in jira admin console

[Darkbound]

@MrRefactoring ok so you need to create a Jira Connect App https://developer.atlassian.com/cloud/jira/platform/getting-started-with-connect/

You can serve the atlassian-connect.json with a simple http server as shown in the guide.

You will also need to provide a webhook endpoint for /installed when you install the App in jira they will send you a json payload that contains the sharedSecret and the issuer is the key that you wrote in the atlassian-connect.json

Then you can use these two to authenticate

[MrRefactoring]

Thank you. Need to try it

[Darkbound]

@MrRefactoring I did it with Next.js because its easiest to provide the endpoints, because they need to be under the same base url.

Let me know how hit goes :)

[MrRefactoring]

Yup, I will let you know when I will have a chance to look :)

[erdinc]

any updates on this? I have the same issue in version 3.

[MrRefactoring]

any updates on this? I have the same issue in version 3.

Hello! Unfortunately, I haven't had the opportunity to investigate this issue yet. My apologies for the inconvenience.

[Darkbound]

any updates on this? I have the same issue in version 3.

For now the solution is to use the older version it works perfectly fine there

This is what we did