Developer
News and Updates
Get Support
Sign in
Developer
Get Support
Sign in
DOCUMENTATION
Cloud
Data Center
Resources
News and Updates
Get support
Sign in
Developer
Sign in
DOCUMENTATION
Cloud
Data Center
Resources
News and Updates
Get support
Sign in
Last updated Jul 15, 2024

Authorization

Authorization within Atlassian's suite of products, is a security measure that ensures only authenticated users with the correct permissions can access certain data or perform specific actions. This process verifies if a user has the rights to access the resources they are requesting, maintaining the integrity and confidentiality of data across Atlassian's platforms. In order to prevent abuse, you must authenticate yourself before you can use the backup and restore APIs.

Basic authentication is one of the methods used for authorization, where users provide a username and password with their request to prove their identity. However, for enhanced security, Atlassian encourages the use of API tokens instead of passwords for Basic authentication. An API token acts as a secure alternative to using your password for accessing Atlassian APIs. The Backup Management APIs use basic auth. Learn more about basic auth for REST APIs.

To create an API token in Atlassian, you need to:

  1. Log in to https://id.atlassian.com/manage-profile/security/api-tokens.

  2. Click Create API token.

  3. From the dialog that appears, enter a memorable and concise Label for your token and click Create.

  4. Click Copy to clipboard, then paste the token to your script, or elsewhere to save.

It's crucial to keep your API token confidential and treat it as securely as you would your password. For more detailed guidance and best practices on authorization, Basic Authentication with API tokens, and managing your API tokens, you can read about Manage API tokens for your Atlassian account

These resources provide comprehensive information on securing your API interactions and ensuring your work with Backup Management APIs remains efficient and secure.

Once you have the API token, you can pass the API token in two ways -

Option 1

You can pass the request by sending your API token by passing a --user argument in your curl command.

1
2
curl --location '<REQUEST_URL>' \
--header 'Content-Type: application/json' \
--user 'useremail:<YOUR_API_TOKEN>' \

Option 2-

Alternatively, you can build a string of the form useremail:<YOUR_API_TOKEN>.

  • BASE64 encode the string.
    • Linux/Unix/MacOS: 
      1
2
        echo -n user@example.com:api_token_string | base64
    • Windows 7 and later, using Microsoft Powershell: 
      1
2
      $Text = ‘user@example.com:api_token_string’
$Bytes = [System.Text.Encoding]::UTF8.GetBytes($Text)
$EncodedText = [Convert]::ToBase64String($Bytes)
$EncodedText
  • Supply an Authorization header with content Basic followed by the <BASE64_ENCODED_STRING> received in above step. 
    1
2
      curl --location '<REQUEST_URL>' \
  --header "Content-Type: application/json" \
  -header "Authorization: Basic <BASE64_ENCODED_STRING>" \

Rate this page: