Last updated Oct 4, 2023


The Automation REST API supports two forms of authentication:

  1. API tokens
  2. Browser session cookies

API tokens

API tokens are generated for your Atlassian account and used to authenticate in place of a traditional username + password. API tokens have the benefit that you don't expose your password in HTTP requests, and you can revoke them at any time.

See the Atlassian Cloud Support API tokens article for details on how to generate an API token.

You can then make requests to the API using basic auth with a credential string of <email>:<token>. For some clients this can be supplied as-is, but in others you will need to construct an Authorization header:

Authorization: Basic <base64_encoded_credential_string>

Session cookies

You can invoke some APIs from the browser, where it will use the session cookie from your current session.

This only works when invoking the API from the base path https://{sitename}/gateway/api/automation/public/{product}/{cloudid}. See API base paths for more details.

Rate this page: