Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
New to API Tokens? Read this first
What are API Tokens?
API tokens are long strings of randomly generated characters that can be used instead of passwords when users access protected APIs.
What is basic authentication in the context of Atlassian APIs?
Basic authentication is the traditional method for authenticating into applications with user credentials. In other words, entering your username and password to log into Jira.
Users who want to utilize the Jira, Confluence, and Bitbucket APIs also need to authenticate as part of the API calls and can do so with basic authentication. However, that’s not a best practice, since strong passwords are not enforced, passwords don’t come with an expiration date or scope and you also can only create one password per user.
How do I use an API Token?
In your API calls, simply place the API Token where your user password would go. You can see different examples here.
Can API Tokens be shared?
The short answer is no. Since it replaces a password, each API token is solely associated to the user holding that password. Additionally, it is generally recommended to have a different token for each API connection. This minimizes security risks and allows revoking compromised tokens without affecting any other scripts, connections or automations created by the same user.
For which Atlassian products is API Token Authentication available?
API Token Authentication is available for Jira Server, Jira Data Center, Confluence Server, Confluence Data Center, Bitbucket Server, and Bitbucket Data Center.