Differences

This shows you the differences between two versions of the page.

--- 711:process_feedback_jira [2025/01/07 15:02] – [Basic Authentication] Policnik, Florian
+++ 711:process_feedback_jira [2025/11/19 12:07] (current) – Policnik, Florian
@@ Line 71: / Line 71: @@
 ===== Authentication =====
-There are different ways to authenticate with Jira Server. Most common are Basic Authentication and Personal Access Tokens (Bearer).
+There are different authentication methods for Jira Data Center and Jira Cloud. Choose the method that works best for your system.
-==== Basic Authentication ====
+==== Jira Data Center ====
-You need credentials for a (technical) user who is allowed to create issues in the Jira project.
+=== Username / Password Authentication ===
+You need the credentials of a (technical) user who is authorized to create issues in the Jira project.
+  * The ''user'' and ''password'' are the username and password of the user.
+  * [[https://confluence.atlassian.com/enterprise/disabling-basic-authentication-1044776464.html|Basic authentication must not be disabled]]
 <code xml>
@@ Line 83: / Line 88: @@
 </code>
-=== Jira Data Center with username and password ===
-  * The ''user'' and ''password'' are the normal username and password of the user.
-  * [[https://confluence.atlassian.com/enterprise/disabling-basic-authentication-1044776464.html|Basic authentication must not be deactivated]]
-=== Jira Cloud API-Token ===
+=== Personal Access Tokens ===
-In Jira cloud there are no usernames. The ''username'' is the mail address (e.g. ''john.doe@example.com''). The **password is a API-Token** and not the password of the user. You can create a token in your [[https://id.atlassian.com/manage-profile/security/api-tokens|Atlassian Account Management]].
+Since Jira Data Center 8.14 it is possible to [[https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html|generate Personal Access Tokens]] to authenticate with Jira.
+<code xml>
+<property name="authentication.type" value="bearer" />
+<property name="bearer" value="NTkzMzQ1ODIyNTAwOtuxKyI7Q2dPtIVtSTr7+Viwg6H3" />
+</code>
+==== Jira Cloud ====
+A [[https://id.atlassian.com/manage-profile/security/api-tokens|Jira user can request API tokens]] with and without scopes. An [[https://support.atlassian.com/user-management/docs/understand-service-accounts/|Atlassian service account]] can only [[https://support.atlassian.com/user-management/docs/manage-api-tokens-for-service-accounts/|obtain API tokens with scopes]].
+In order to create a feedback issue, the user or service account needs to have write access to the specific project.
+=== API token without scopes ===
+In Jira Cloud, the ''user'' property is the email address (e.g. ''john.doe@example.com''). The API token, not the user's password, is used for the ''password'' property:
 <code xml>
@@ Line 95: / Line 114: @@
 <property name="password" value="ATATT3xS68pShK-hY6D84jrZdck3wHFEYraLpRqgvXA8mcPxiAPYfLpkBvQZm5g-mP3JkfCYnvePqLAjSssTQAmjKACSgXcrffEbKDLmv2jJpj_KGs7R2LfQHgbe5v-6FMwLx66pPsAuxJdzdR8Sx92JHuoFctJ6VCKozo5Q_F3hEFQwKWw2G-U=5AF3BC19" />
 </code>
-==== Personal Access Tokens (Bearer) Authentication on Jira Data Center ====
-Since Jira 8.14 it is possible to [[https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html|generate Personal Access Tokens]] to authenticate with Jira.
+=== API token with scopes ===
+One of the following scopes needs do be configured for the API token:
+  * Classic: ''write:jira-work''
+  * Granular: ''write:issue:jira''
+In Jira Cloud, the ''user'' property is the email address (e.g. ''example-4jaisfjasdjf@serviceaccount.atlassian.com''). The API token, not the user's password, is used for the ''password'' property:
+Tokens with scopes have to use a special REST endpoint provided by Atlassian. The URL of the Endpoint contains the [[https://support.atlassian.com/jira/kb/retrieve-my-atlassian-sites-cloud-id/|cloud id of your Jira Cloud instance]]. The endpoint has a specific format that must be specified in the configuration:
+''<nowiki>https://api.atlassian.com/ex/jira/{cloud-id}/rest/</nowiki>''
 <code xml>
-<property name="authentication.type" value="bearer" />
+<property name="authentication.type" value="basic" />
-<property name="bearer" value="NTkzMzQ1ODIyNTAwOtuxKyI7Q2dPtIVtSTr7+Viwg6H3" />
+<property name="user" value="example-4jaisfjasdjf@serviceaccount.atlassian.com" />
+<property name="password" value="ATATT3xS68pShK-hY6D84jrZdck3wHFEYraLpRqgvXA8mcPxiAPYfLpkBvQZm5g-mP3JkfCYnvePqLAjSssTQAmjKACSgXcrffEbKDLmv2jJpj_KGs7R2LfQHgbe5v-6FMwLx66pPsAuxJdzdR8Sx92JHuoFctJ6VCKozo5Q_F3hEFQwKWw2G-U=5AF3BC19" />
+<property name="jira.rest.endpoint" value="https://api.atlassian.com/ex/jira/11111111-1111-1111-1111-111111111111/rest/" />
 </code>
@@ Line 133: / Line 164: @@
 </code>
-==== No Authentication (Since Stages 7.9.10.0 / 7.10.1.0) ====
+==== No Authentication ====
 **This is a very special use case for a specific API gateway and not a standard Jira feature.**
@@ Line 149: / Line 180: @@
   * URL Field: ''targetType=""'' (Empty)
   * Select List (single choice): ''targetType="selectList-singleChoice"''
-  * Select List (multiple choices): ''targetType="selectList-multipleChoice"'' (Since Stages 7.9.10.0 / 7.10.1.0)
+  * Select List (multiple choices): ''targetType="selectList-multipleChoice"''
   * User Picker (single user): ''targetType="user-singleChoice"'' (Only Jira Server, not Jira Cloud)
-  * User Picker (multiple users): ''targetType="user-multipleChoice"'' (Since Stages 7.9.10.0 / 7.10.1.0, Only Jira Server, not Jira Cloud)
+  * User Picker (multiple users): ''targetType="user-multipleChoice"'' (Only Jira Server, not Jira Cloud)
   * Assignee: ''target="assignee" targetType="user-singleChoice"'' (Only Jira Server, not Jira Cloud)
   * Reporter: ''target="reporter" targetType="user-singleChoice"'' (Only Jira Server, not Jira Cloud)
   * Components: ''target="components" targetType="components"''
-  * Radio Buttons: ''targetType="radio"'' (Since Stages 7.9.10.0 / 7.10.1.0)
+  * Radio Buttons: ''targetType="radio"''
-  * Checkboxes: ''targetType="checkbox"'' (Since Stages 7.9.10.0 / 7.10.1.0)
+  * Checkboxes: ''targetType="checkbox"''
-  * Labels: ''targetType="labels"'' (Since Stages 7.9.10.0 / 7.10.1.0)
+  * Labels: ''targetType="labels"''
-  * Affects Versions: ''target="versions" targetType="version-multipleChoice"'' (Since Stages 7.9.10.0 / 7.10.1.0)
+  * Affects Versions: ''target="versions" targetType="version-multipleChoice"''
-  * Fix Versions: ''target="fixVersions" targetType="version-multipleChoice"'' (Since Stages 7.9.10.0 / 7.10.1.0)
+  * Fix Versions: ''target="fixVersions" targetType="version-multipleChoice"''
-  * Version Picker (single version):  ''targetType="version-singleChoice"'' (Since Stages 7.9.10.0 / 7.10.1.0)
+  * Version Picker (single version):  ''targetType="version-singleChoice"''
-  * Version Picker (multiple versions): ''targetType="version-multipleChoice"'' (Since Stages 7.9.10.0 / 7.10.1.0)
+  * Version Picker (multiple versions): ''targetType="version-multipleChoice"''
 **Be aware**:
@@ Line 207: / Line 238: @@
   * Find the right user
   * Click on the "Reset Failed Login Count" link in the "Login Details" column.