You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, Perceval only supports Jira backend either as an anonymous user (without providing any credentials at all) or basic auth (via username/password pair).
Anonymous access if often disabled on existing Jira instances.
Basic auth is only enabled on few Jira instances, most switched to either OAuth 2/3 or Connect Apps. Additionally, basic auth is not recommended, see here (REST API basic authentication is deprecated and will be removed in the future).
Connect apps is the newest and most recommended way of supporting authentication/authorization (it uses JWT tokens, also the Linux Foundation uses JWT token for its Linux Foundation ID (LFID) logins - many LF projects Jiras use this - example ONAP, OPNFV and many more).
Documentation for connect apps is here and for OAuth is hereand there.
This is an important improvement because the current state of Jira backend actually almost blocks Jira usage (it only works in anonymous mode or in deprecated basic auth mode which is usually disabled in most Jira instances).
The text was updated successfully, but these errors were encountered:
Hi, just wanted to clarify some things. From the jira documentation I can see that password basic auth & cookie-based auth have been deprecated. The recommended method for Basic auth now is via api tokens.
While it is still better to use Oauth to authenticate the requests, currently for non-connect apps, the only grant type available is the code authorization type, which requires a browser. In the context of the perceval CLI, this does not seem to make much sense to implement?
For connect apps however they do allow 2-legged Oauth via the use of a JWT. For the scope of this PR, is it alright if i add api tokens as a means of Basic auth for non-connect apps and use JWT for connect apps?
** apologies after further reading, i realised that there are some differences between apps hosted on Jira Cloud and apps self-hosted with Jira Server.
password basic auth is deprecated for Jira Cloud, api tokens are now the recommended method
api tokens are not enabled for Jira Server, and password basic auth is still the only way to perform auth without a browser
I am unclear if the current jira backend aims to support both Jira Cloud & Server, would need some clarification on this, and perhaps what the scope for this issue should be.
Hi, Perceval only supports Jira backend either as an anonymous user (without providing any credentials at all) or basic auth (via username/password pair).
Connect apps is the newest and most recommended way of supporting authentication/authorization (it uses JWT tokens, also the Linux Foundation uses JWT token for its Linux Foundation ID (LFID) logins - many LF projects Jiras use this - example ONAP, OPNFV and many more).
Documentation for connect apps is here and for OAuth is hereand there.
This is an important improvement because the current state of Jira backend actually almost blocks Jira usage (it only works in anonymous mode or in deprecated basic auth mode which is usually disabled in most Jira instances).
The text was updated successfully, but these errors were encountered: