If enabled by your organization admin, authentication via API token lets MCP clients authenticate without an interactive OAuth consent screen. Use this option for non-interactive or machine-to-machine scenarios. See Supported tools for the tools available across Atlassian apps.
There are two options: a personal API token using Basic auth, or a service account API key using a Bearer token.
Use this option when you want to authenticate MCP using a personal API token created by a user.
Create a personal API token with the required scopes. If necessary, you can manually select the scopes you want your API token to have. Note the email address of the user who owns the token.
Create a base64-encoded string in the format email:api_token:
1 2# Format: email:api_token echo -n "your.email@example.com:YOUR_API_TOKEN_HERE" | base64
This produces a base64-encoded string representing email:api_token.
Add the following configuration to your MCP client's mcp.json:
1 2{ "mcpServers": { "atlassian-rovo-mcp": { "url": "https://mcp.atlassian.com/v1/mcp", "headers": { "Authorization": "Basic BASE64_ENCODED_EMAIL_AND_TOKEN" } } } }
Replace BASE64_ENCODED_EMAIL_AND_TOKEN with the value from Step 2.
Obtain a service account API key for your non-human workload.
1 2{ "mcpServers": { "atlassian-rovo-mcp": { "url": "https://mcp.atlassian.com/v1/mcp", "headers": { "Authorization": "Bearer YOUR_API_KEY_HERE" } } } }
Replace YOUR_API_KEY_HERE with your service account API key.
You can confirm authentication is working with a quick request. A 200 OK response confirms authentication is working:
1 2# Test with API token (Basic auth) curl -I https://mcp.atlassian.com/v1/mcp \ -H "Authorization: Basic <your_base64_encoded_credentials>" # Test with service account (Bearer auth) curl -I https://mcp.atlassian.com/v1/mcp \ -H "Authorization: Bearer <your_api_key>"
Rate this page: