Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
Knowledge Base
I'm using Bob Swift's CLI for Jira but can't use API Tokens with it
The Bob Swift CLI has a password- and a token parameter for passing credentials.
The token parameter doesn't work, if you are using API Tokens created with our app. Use the password parameter instead.
An example call would look like this:
./acli.sh --server https://your-jira.com --user someuser --password <your-api-token> --action getProjectList
API Tokens & Captcha Challenge
When a user provides a wrong token or one already expired, the authentication attempt will count towards the failed login count in Jira/ Confluence.
Depending on the settings for "Maximum Authentication Attempts Allowed" in Jira (https://your-jira.com/secure/admin/ViewApplicationProperties.jspa)
or Confluence (https://your-confluence.com/admin/editsecurityconfig.action)
solving a captcha challenge might be required, next time the user logs in to the UI.
Providing a valid token again for authentication on the REST API will reset the failed login counter automatically,
so that solving the capture challenge is not required anymore.
This really only applies for doing that with a valid API token on the REST API.
If the user tries to login with a valid and local password via the UI, he/ she will still see the capture challenge.
The behaviour is the same as with our SAML SSO app, where trying to authenticating with a user and without SSO,
using a local password would also increase the failed login count and create a captcha challenge when trying to login without SSO or REST,
but is reset again, once the user successfully authenticates via SSO.
Summary of behaviour after causing a Captcha Challenge due to using an invalid API Token
- Should the user login to Jira/ Confluence Webinterface via the Resolution SAML SSO app, the failed login counter is reset/ no captcha challenge is displayed anymore
- Should the user login to Jira/ Confluence Webinterface without SSO, he/ she will need to solve the captcha and also need to provide a valid password (API Tokens are REST only)
- Should the user provide another valid token on the REST API again, the failed login counter is also reset/ no captcha challenge is displayed on the Jira/ Confluence Webinterface