Authentication options

Owned by Bob Swift
Last updated: Oct 18, 2024 by Cristina Szilágyi
3 min read

Overview

Atlassian applications offer several authentication options for API access. Below are the ones currently supported by the Command Line Interface (CLI) in the latest releases.

ApplicationBasic AuthenticationSession AuthenticationOAuth and Related TokensDiscussion
Jira, Confluence Cloud 

No longer available

No longer available 

Atlassian Personal Access Tokens

(also known as API Tokens)

Parameters

  • user (email address)
  • token or password (access token)
  • Atlassian has removed support for use of Basic and Session authentication
  • UPM client also supports the same authentication methods
  • CLI 8.4 or higher can use the token parameter for their access token instead of password parameter - either works the same (except for a couple of cases where a real password is needed)
  • If you are NOT using the email address and API token for your user credentials for accessing Cloud sites, you will likely receive: Remote error: User is not authorized to perform the request. Response code: 401.
Jira Server

Parameters

  • user (user name)
  • password

Parameters

  • user (for login)
  • password (for login)
  • login (subsequent actions)

Default with automatic login

Using Personal Access Tokens

Requires 8.14 or higher.

Parameters

  • token
  • Let default support use automatic session authentication
  • Only special case, advanced scripting should bother with using login action and saved sessions
  • UPM client also supports the same authentication methods
Personal Access Token Restrictions
  • See Restrictions section below for general information
Confluence Server

Parameters

  • user (user name)
  • password

Parameters

  • user (for login)
  • password (for login)
  • login (subsequent actions)

Default with automatic login

Using Personal Access Tokens

Requires 7.9 or higher.

Parameters

  • token
  • Let default support use automatic session authentication
  • Only special case, advanced scripting should bother with using login action and saved sessions
  • UPM client also supports the same authentication methods
Personal Access Token Restrictions
  • See Restrictions section below for general information
  • Cannot be used for user actions (getUserList, addUser, removeUser, editUser, ...) when admin security (websudo) is enabled.
Bitbucket Server

Parameters

  • user (user name)
  • password

Personal Access Tokens

Parameters

  • token
  • UPM client also supports the same authentication methods
  • See also Access Tokens.
Personal Access Token Restrictions
  • See Restrictions section below for general information
Bitbucket Cloud

No longer available


App passwords parameters
  • user (user name)
  • password (app password)

Access tokens (11.0 and higher) parameters

  • token 


Bitbucket resource scoped access tokens - see Access Tokens for Bitbucket Cloud. These tokens have restricted capabilities, so should only be used for actions that can be achieved with the bounds of the specific restrictions otherwise the action will fail likely with an error like this. Remote error: This API is not accessible by this authentication mechanism . This is especially true for repository and project access tokens. Where appropriate, access tokens are recommended for automations - they are easily  managed by resource admins and have independent 429 limits. 

Slack

Parameters

  • token


Personal Access Tokens for Server and Data Center

Personal access tokens have some good advantages in specific cases, but there are also some severe restrictions:

Personal access tokens can be created in the UI by going to your profile - see Atlassian documentation on personal access tokens.

Restrictions

  1. Some server remote capabilities used in various CLI actions may not support access using personal access tokens - actions like renderRequest or actions that use similar support under the covers depending on action parameters used. In this case, you receive an error message such as:

    Client error: Action or capability not available when using token authentication. Use user and password parameters instead.

    Sometimes, you can avoid restricted capabilities by adjusting the parameters you use on the action. Otherwise, you need to revert to the standard user and password support.

  2. If secure administrator sessions (websudo) are turned on for your instance and you attempt a secure administration action, websudo permission errors occur. Turn off the websudo for your site or revert to the standard user and password support.


Log a request with our support team.

Confluence®, Jira®, Atlassian Bamboo®, Bitbucket®, Fisheye®, and Atlassian Crucible® are registered trademarks of Atlassian®
Copyright © 2005 - 2024 Appfire | All rights reserved. Appfire™, the 'Apps for makers™' slogan and Bob Swift Atlassian Apps™ are all trademarks of Appfire Technologies, LLC.