Authentication

Owned by Bob Swift
Last updated: Apr 10, 2023
3 min read

Overview

There are various authentication options used by Atlassian applications for remote access. The following are those available and supported by the CLI at least on the latest release levels.

ApplicationBasic AuthenticationSession AuthenticationOAuth and Related TokensDiscussion
Jira, Confluence Cloud 

No longer available

No longer available 

Atlassian Personal Access Tokens

(also known as API Tokens)

Parameters

  • user (email address)
  • token or password (access token)
  • Atlassian has removed support for use of Basic and Session authentication
  • UPM client also supports the same authentication methods
  • CLI 8.4 or higher can use the token parameter for their access token instead of password parameter - either works the same (except for a couple of cases where a real password is needed)
  • If you are NOT using the email address and API token for your user credentials for accessing Cloud sites, you will likely receive: Remote error: User is not authorized to perform the request. Response code: 401.
Jira Server

Parameters

  • user (user name)
  • password

Parameters

  • user (for login)
  • password (for login)
  • login (subsequent actions)

Default with automatic login

Using Personal Access Tokens

Requires 8.14 or higher.

Parameters

  • token
  • Let default support use automatic session authentication
  • Only special case, advanced scripting should bother with using login action and saved sessions
  • UPM client also supports the same authentication methods
Personal Access Token Restrictions
  • See Restrictions section below for general information
Confluence Server

Parameters

  • user (user name)
  • password

Parameters

  • user (for login)
  • password (for login)
  • login (subsequent actions)

Default with automatic login

Using Personal Access Tokens

Requires 7.9 or higher.

Parameters

  • token
  • Let default support use automatic session authentication
  • Only special case, advanced scripting should bother with using login action and saved sessions
  • UPM client also supports the same authentication methods
Personal Access Token Restrictions
  • See Restrictions section below for general information
  • Cannot be used for user actions (getUserList, addUser, removeUser, editUser, ...) when admin security (websudo) is enabled.
Bamboo Server

Parameters

  • user (user name)
  • password

Bamboo Personal Access Tokens

Requires 6.10 or higher.

Parameters

  • token
  • UPM client also supports the same authentication methods
Personal Access Token Restrictions
  • See Restrictions section below for general information
Bitbucket Server

Parameters

  • user (user name)
  • password

Personal Access Tokens

Parameters

  • token
  • UPM client also supports the same authentication methods
  • See also Access Tokens.
Personal Access Token Restrictions
  • See Restrictions section below for general information
Bitbucket Cloud

No longer available


App passwords parameters
  • user (user name)
  • password (app password)

Access tokens (11.0 and higher) parameters

  • token 


Bitbucket resource scoped access tokens - see Access Tokens for Bitbucket Cloud. These tokens have restricted capabilities, so should only be used for actions that can be achieved with the bounds of the specific restrictions otherwise the action will fail likely with an error like this. Remote error: This API is not accessible by this authentication mechanism . This is especially true for repository and project access tokens. 

Trello

Trello Token

Parameters

  • token
Slack

Parameters

  • token


Tempo Cloud

Parameters

  • tempoToken

Personal Access Tokens for Server and Datacenter

Personal access tokens have some good advantages in specific cases, but there are also some severe restrictions:

Personal access tokens can be created in the UI by going to your profile - see Atlassian documentation on personal access tokens.

Restrictions

  1. Some server remote capabilities used in various CLI actions may not support access via personal access tokens - actions like renderRequest or actions that use similar support under the covers depending on action parameters used. In this case, you will get an error message like:

    Client error: Action or capability not available when using token authentication. Use user and password parameters instead.

    In some cases, you can avoid restricted capabilities by adjusting parameters you are using on the action. Otherwise, you need to revert to the standard user and password support.
  2. Secure administrator sessions (websudo) is turned on for your instance and you are attempting a secured administration action. In this case, you will get websudo permission errors. Turn off websudo for your site or revert to the standard user and password support.

Bamboo

Due to the lack of adequate REST API support in Bamboo, use of personal access tokens is much more restricted with only a few actions available (currently) that can be used with tokens: queueBuild and some list actions (getProjectList, getPlanList, and related) are available, but almost all configuration related actions will not work with token authentication.

Log a request with our support team.

Confluence®, Jira®, Atlassian Bamboo®, Bitbucket®, Fisheye®, and Atlassian Crucible® are registered trademarks of Atlassian®
Copyright © 2005 - 2024 Appfire | All rights reserved. Appfire™, the 'Apps for makers™' slogan and Bob Swift Atlassian Apps™ are all trademarks of Appfire Technologies, LLC.