REST API Tokens
General information
A primary use case for API tokens is to allow scripts to access REST APIs for Jira applications using HTTP basic authentication.
If you define a token for a user, only that user can use it. If you do not specify a user, any user will be able to use this token.
If an external system is compromised, you can revoke the token instead of changing the password and consequently changing it in all scripts and integrations.
For security reasons, we recommend generating a token for a specific user.
Editing the token after creation is not possible; create a new token if necessary.
You should treat API tokens as securely as any other password.
You can mix tokens with Run REST API on behalf of another user.
Supported endpoints
JIRA_URL/rest/*
You can generate the code snippet (JavaScript/curl) and authentication data for calls by clicking the icon.
If you want to check who used the token and when, all calls are added to the audit log.
Specify supported URLs/methods for tokens
You can limit the token to specific URLs and methods. Provide the endpoint URL as a regular expression and optionally add a method restriction.
You can define any number of token restrictions, each of which should be on a new line.
Examples:
Restriction to 'comment' endpoint on KANBAN-100 issue (only POST method)
[post].*/rest/api/2/issue/KANBAN-100/comment.*
Restriction to 'comment' endpoint on SCRUM-1 and SCRUM-2 issues (for all methods)
.*/rest/api/2/issue/SCRUM-[1-2]{1}/comment.*
Other
.*/rest/api/2/issue.*
.*/rest/extender/1.0/customField/all.*
[get].*/rest/api/2/project.*
[delete].*/rest/api/2/project.*
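A restriction list in the syntax above can be checked against sample requests before the token is issued. The following Python sketch is an added example, not the add-on's own code: it assumes a rule must match the whole request URL and that the bracketed method prefix is case-insensitive, and it uses the constructed host jira.example.com in place of JIRA_URL.

```python
import re

# Constructed restriction list in the syntax shown on this page (one rule per line).
RESTRICTIONS = """\
[post].*/rest/api/2/issue/KANBAN-100/comment.*
.*/rest/api/2/issue/SCRUM-[1-2]{1}/comment.*
[get].*/rest/api/2/project.*
"""

# Optional leading [method]; limited to real HTTP verbs so a rule that starts
# with an ordinary character class is not mistaken for a method prefix.
_RULE = re.compile(r"\[(get|post|put|patch|delete|head|options)\](.*)", re.I)


def parse_restrictions(text):
    """Return [(METHOD or None, compiled regex)] for each non-empty line."""
    rules = []
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        m = _RULE.fullmatch(line)
        method, pattern = (m.group(1).upper(), m.group(2)) if m else (None, line)
        rules.append((method, re.compile(pattern)))
    return rules


def is_allowed(rules, method, url):
    """Assumed semantics: a call passes if any rule's method (when given)
    equals the request method and its regex matches the whole URL."""
    return any(
        (rule_method is None or rule_method == method.upper())
        and regex.fullmatch(url) is not None
        for rule_method, regex in rules
    )


def audit(rules, requests):
    """Map each (method, url) sample to True/False for review before rollout."""
    return {(m, u): is_allowed(rules, m, u) for m, u in requests}


BASE = "https://jira.example.com"  # constructed host standing in for JIRA_URL
SAMPLES = [
    ("POST", BASE + "/rest/api/2/issue/KANBAN-100/comment"),
    ("GET", BASE + "/rest/api/2/issue/KANBAN-100/comment"),
    ("GET", BASE + "/rest/api/2/issue/SCRUM-3/comment"),
    ("GET", BASE + "/rest/api/2/projectCategory"),  # sibling path admitted by trailing .*
]

if __name__ == "__main__":
    for (m, u), ok in audit(parse_restrictions(RESTRICTIONS), SAMPLES).items():
        print("ALLOW" if ok else "DENY ", m, u)
```

Under the same assumption, ending a rule with `([/?].*)?` instead of `.*` keeps it from also matching sibling paths such as projectCategory.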
How does it work
Depending on the details of the HTTP library you use, simply replace your password with the token. For example, when using curl, you could do something like this:
curl -v https://my-jira.com --user USER:TOKEN
Note that:
USER here is the email address or user name.
TOKEN here is the token generated on the Extender REST API Tokens page.
CURL Example
GET Example
curl -s -u admin:token1234567890 JIRA_URL/rest/api/2/issue/AAA-1
curl -s -u ansible@ansible.jira.pl:token0987654321 JIRA_URL/rest/api/2/issue/AAA-1
POST Example
curl -u admin:token0987654321 -H "Content-Type: application/json" \
  --data '{"body":"Comment text"}' -X POST JIRA_URL/rest/api/2/issue/ISSUE-1/comment
Postman Example
Note that:
Basic Auth: use this type in Authorization type.
Username here is the email address or user name.
Password here is the token generated on the Extender REST API Tokens page.
Changes
REST API Tokens is available since v. 1.39.*
Since v. 1.40.*.1
added JIRA_URL/rest/keplerrominfo/* to supported endpoints
Since v. 1.61.*
changes in supported endpoint URLs - JIRA_URL/rest/*
added tokens expiration functionality
added the ability to specify token restrictions for URLs/methods
Since v. 2.6.*
all token calls will now be added to audit log
Since v. 2.8.*
added Code snippet
Since v. 2.14.*
added the ability to edit token name and limits