Last updated Dec 12, 2023

Basic auth for REST APIs

This page shows you how REST clients can authenticate themselves using basic authentication with an [Atlassian account] email address and API token. Authentication using passwords has been deprecated.

Overview

The Jira Service Management operations REST API is protected by the same restrictions that apply in the standard Jira web interface. These restrictions mean that if you don't log in, you access Jira anonymously. If you log in and don't have permission to view something in Jira, you won't be able to view it using the Jira Service Management operations REST API either.

In most cases, the first step in using the Jira Service Management operations REST API is to authenticate a user account with your Jira site. This page provides a simple example of basic authentication.

Get an API token

Basic auth requires API tokens. You generate an API token for your Atlassian account and use it to authenticate anywhere where you would have used a password. This enhances security because:

  • you're not saving your primary account password outside of where you authenticate
  • you can quickly revoke individual API tokens on a per-use basis
  • API tokens will allow you to authenticate even if your Atlassian Cloud organization has two-factor authentication or SAML enabled.

See the Atlassian Cloud Support API tokens article to discover how to generate an API token.

Simple example

Most client software provides a simple mechanism for supplying a user name (in our case, the email address) and API token that the client uses to build the required authentication headers. For example, you can specify the -u argument in cURL as follows:

1
2
curl -D- \
   -u user@example.com:user_api_token \
   -X GET \
   -H "Content-Type: application/json" \
   https://api.atlassian.com/jsm/ops/api/{cloudId}/v1/schedules/{scheduleId}

Supply basic auth headers

You can construct and send basic auth headers. To do this you perform the following steps:

  1. Generate an API token for Jira using your Atlassian Account.
  2. Build a string of the form useremail:api_token.
  3. BASE64 encode the string.
    • Linux/Unix/MacOS: 
      1
2
      echo -n user@example.com:user_api_token | base64
    • Windows 7 and later, using Microsoft Powershell: 
      1
2
      $Text = ‘user@example.com:user_api_token’
$Bytes = [System.Text.Encoding]::UTF8.GetBytes($Text)
$EncodedText = [Convert]::ToBase64String($Bytes)
$EncodedText
  4. Supply an Authorization header with content Basic followed by the encoded string. For example, the string user@example.com:user_api_token encodes to dXNlckBleGFtcGxlLmNvbTp1c2VyX2FwaV90b2tlbg== in base64, so you would make the request as follows:
1
2
curl -D- \
   -X GET \
   -H "Authorization: Basic dXNlckBleGFtcGxlLmNvbTp1c2VyX2FwaV90b2tlbg==" \
   -H "Content-Type: application/json" \
   https://api.atlassian.com/jsm/ops/api/{cloudId}/v1/schedules/{scheduleId}

Rate this page: