On this page:
|
Authentication between CMJ Cloud and an Atlassian Connect
...
app
This page explains how to configure authentication between Configuration Manager for Jira Cloud (CMJ Cloud) and an Atlassian Connect app, which implements the SPI.
Tip |
---|
Sample appYou can take Take a look at our sample app for guidance on configuring the authentication between your app and CMJ Cloud. See how the the sample app authenticates in our public repository. |
...
Invocations of app SPI endpoints by CMJ Cloud are secured via JWT authentication. CMJ Cloud will invoke the app only using "HTTPS" and will validate the server certificate provided by the app. The app must verify the signature of the provided JWT token , using a publicKey‘publicKey’. This public key can be obtained by calling the SPI Keys API, hosted on CMJ Cloud. You need to must pass the key ID (kid) , included in the JWT header when making the call. The public key is the Base64 representation of DER-encoded X.509.
...