Differences

This shows you the differences between two versions of the page.

--- 712:process_feedback_jira [2025/04/15 14:23] – Policnik, Florian
+++ 712:process_feedback_jira [2025/11/19 12:32] (current) – Policnik, Florian
@@ Line 85: / Line 85: @@
 ===== Authentication =====
-There are different ways to authenticate with Jira Server. Most common are Basic Authentication and Personal Access Tokens (Bearer).
+There are different authentication methods for Jira Data Center and Jira Cloud. Choose the method that works best for your system.
-==== Basic Authentication ====
+==== Jira Data Center ====
-You need credentials for a (technical) user who is allowed to create issues in the Jira project.
+=== Username / Password Authentication ===
-=== Jira Data Center with username and password ===
+You need the credentials of a (technical) user who is authorized to create issues in the Jira project.
-  * The ''user'' and ''password'' are the normal username and password of the user.
-  * [[https://confluence.atlassian.com/enterprise/disabling-basic-authentication-1044776464.html|Basic authentication must not be deactivated]]
+  * The ''user'' and ''password'' are the username and password of the user.
+  * [[https://confluence.atlassian.com/enterprise/disabling-basic-authentication-1044776464.html|Basic authentication must not be disabled]]
 <code xml>
+<property name="jira.variant" value="data-center" />
 <property name="authentication.type" value="basic" />
 <property name="user" value="jdoe" />
@@ Line 101: / Line 103: @@
 </code>
-=== Jira Cloud with API-Token ===
-In Jira cloud there are no usernames. The ''username'' is the mail address (e.g. ''john.doe@example.com''). The **password is a API-Token** and not the password of the user. You can create a token in your [[https://id.atlassian.com/manage-profile/security/api-tokens|Atlassian Account Management]].
+=== Personal Access Tokens ===
+Since Jira Data Center 8.14 it is possible to [[https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html|generate Personal Access Tokens]] to authenticate with Jira.
+<code xml>
+<property name="jira.variant" value="data-center" />
+<property name="authentication.type" value="bearer" />
+<property name="bearer" value="NTkzMzQ1ODIyNTAwOtuxKyI7Q2dPtIVtSTr7+Viwg6H3" />
+</code>
+==== Jira Cloud ====
+A [[https://id.atlassian.com/manage-profile/security/api-tokens|Jira user can request API tokens]] with and without scopes. An [[https://support.atlassian.com/user-management/docs/understand-service-accounts/|Atlassian service account]] can only [[https://support.atlassian.com/user-management/docs/manage-api-tokens-for-service-accounts/|obtain API tokens with scopes]].
+In order to create a feedback issue, the user or service account needs to have write access to the specific project.
+=== API token without scopes ===
+In Jira Cloud, the ''user'' property is the email address (e.g. ''john.doe@example.com''). The API token, not the user's password, is used for the ''password'' property:
 <code xml>
+<property name="jira.variant" value="cloud" />
 <property name="authentication.type" value="basic" />
 <property name="user" value="john.doe@example.com" />
 <property name="password" value="ATATT3xS68pShK-hY6D84jrZdck3wHFEYraLpRqgvXA8mcPxiAPYfLpkBvQZm5g-mP3JkfCYnvePqLAjSssTQAmjKACSgXcrffEbKDLmv2jJpj_KGs7R2LfQHgbe5v-6FMwLx66pPsAuxJdzdR8Sx92JHuoFctJ6VCKozo5Q_F3hEFQwKWw2G-U=5AF3BC19" />
 </code>
-==== Personal Access Tokens (Bearer) Authentication on Jira Data Center ====
-Since Jira Data Center 8.14 it is possible to [[https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html|generate Personal Access Tokens]] to authenticate with Jira.
+=== API token with scopes ===
+One of the following scopes needs do be configured for the API token:
+  * Classic: ''write:jira-work''
+  * Granular: ''write:issue:jira''
+If you want to map a value to a user field in Jira (targetType ''user-singleChoice'' or ''user-multipleChoice'') you need in addition one of the following scopes:
+  * Classic: ''read:jira-user''
+  * Granular: ''read:user:jira''
+In Jira Cloud, the ''user'' property is the email address (e.g. ''example-4jaisfjasdjf@serviceaccount.atlassian.com''). The API token, not the user's password, is used for the ''password'' property:
+Tokens with scopes have to use a special REST endpoint provided by Atlassian. The URL of the Endpoint contains the [[https://support.atlassian.com/jira/kb/retrieve-my-atlassian-sites-cloud-id/|cloud id of your Jira Cloud instance]]. The endpoint has a specific format that must be specified in the configuration:
+''<nowiki>https://api.atlassian.com/ex/jira/{cloud-id}/rest/</nowiki>''
 <code xml>
-<property name="authentication.type" value="bearer" />
+<property name="jira.variant" value="cloud" />
-<property name="bearer" value="NTkzMzQ1ODIyNTAwOtuxKyI7Q2dPtIVtSTr7+Viwg6H3" />
+<property name="authentication.type" value="basic" />
+<property name="user" value="example-4jaisfjasdjf@serviceaccount.atlassian.com" />
+<property name="password" value="ATATT3xS68pShK-hY6D84jrZdck3wHFEYraLpRqgvXA8mcPxiAPYfLpkBvQZm5g-mP3JkfCYnvePqLAjSssTQAmjKACSgXcrffEbKDLmv2jJpj_KGs7R2LfQHgbe5v-6FMwLx66pPsAuxJdzdR8Sx92JHuoFctJ6VCKozo5Q_F3hEFQwKWw2G-U=5AF3BC19" />
+<property name="jira.rest.endpoint" value="https://api.atlassian.com/ex/jira/11111111-1111-1111-1111-111111111111/rest/" />
 </code>
@@ Line 221: / Line 262: @@
   * Find the right user
   * Click on the "Reset Failed Login Count" link in the "Login Details" column.