Posts about JWT
Atlassian Connect uses JSON Web Token (JWT) for authentication between the host product (e.g. JIRA, Confluence, or HipChat) and your add-on. To ensure the security of everyone's data, Atlassian includes additional claims so a signed request cannot be intercepted and used to perform other actions. We offer frameworks that hide that complexity for node.js, Play!, and ASP.NET as well as atlassian-jwt for those working on other Java stacks. What happens when you don't want to use our frameworks? That's not a problem, you can use whatever framework you want - one of the joys of building add-ons with Atlassian Connect. You can implement the JWT authentication yourself — I'll walk you through the added security features Atlassian uses with Connect.