API Token AuthenticationAPI Token Authentication
Try For Free

Admin Guide

App Configuration

Administrators can adjust the app settings in the corresponding management section.

Jira

In Jira, navigate to the User management section and select API Token Authentication

image2019-12-11_9-57-44.png

Confluence

In Confluence, scroll down to the Users & Security section in the administration configuration panel and select API Token Authentication
image2019-11-22_9-52-24.png

Global Settings

The app contains a few global settings, available for administrators only. 
Settings here apply to all users accessing the REST API with Basic Authentication and any of the tokens they've created for their user.
Please find more details about the two options currently available below.

image2019-12-11_9-53-59.png

IP Address Restrictions

Admins may restrict REST API requests by IP- addresses or ranges. This restriction will apply to both token- and password authentication,
should the latter not have been disabled (see next section). 

Just enter one or more addresses or address ranges with the + button or delete existing ones and save your settings.
info If no addresses were provided, requests from every IP address will be allowed.

If you need to find out why you can't access the REST API after applying IP restrictions, please read our troubleshooting guide.


Disable Basic Auth with passwords

You may want to disable password authentication for REST endpoints completely. Should the token provided not match any user's tokens,
a 403 status code will be returned. With Basic Auth and user passwords enabled, Jira will try to authenticate the user by password, provided that it is correct.

Pitfalls

When playing and testing with wrong passwords or tokens, be aware that this can lead to too many failed logins recorded.
Go to your user manager and reset the failed login count for the user you are testing with.