Last updated Apr 15, 2024

Security

Authentication

All Commerce REST API queries require a valid access token.

Partners can generate tokens for their apps in the Partner portal.

Once you have an access token, include your token as an Authorization header, prefixed by Bearer, on all API queries. Requests are made via api.atlassian.com domain as shown below:

1
2
  --url 'https://api.atlassian.com/api/v1/sales/contact/quote?quotes={quotes}' \
  --header 'Authorization: Bearer ACCESS_TOKEN' \
  --header 'Accept: application/json'

Authorization

Once the authentication is successful, Commerce performs authorization wherein we check for user/service access to the requested resource. This check is based on billing roles as described below.

Billing roles

Billing admin

A billing admin can quote, pay, and manage everything billing on a given transaction account. A user becomes a billing admin on creation of a new transaction account or when granted this role by another billing admin.

Rate this page: