Skip to content

personalAccessToken not working as described #351

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
uncaught opened this issue Jan 14, 2025 · 4 comments
Closed

personalAccessToken not working as described #351

uncaught opened this issue Jan 14, 2025 · 4 comments
Assignees
@MrRefactoring
Labels
bug Indicates a reported issue or malfunction that needs fixing.
Milestone
v5.0.0

Comments

@uncaught
Copy link

I'm totally new to jira and their API, so please forgive if this is obvious to you.

I've installed and set up my client as such according to your documentation:

const jira = new Version3Client({
  authentication: {
    personalAccessToken: process.env.JIRA_TOKEN || '',
  },
  host: 'https://my-domain.atlassian.net',
});

But that yields this response:

 response: {
    code: 'ERR_BAD_REQUEST',
    message: 'Request failed with status code 403',
    data: { error: 'Failed to parse Connect Session Auth Token' },
    status: 403,
    statusText: 'Forbidden'
  },

Using the same token and the basic authentication, it works:

const jira = new Version3Client({
  authentication: {
    basic: {
      apiToken: process.env.JIRA_TOKEN || '',
      email: 'my-name@my-domain.com',
    },
  },
  host: 'https://my-domain.atlassian.net',
});

So is your documentation wrong here? Or your implementation? Or maybe personal access tokens don't exist anymore because Jira calls them API tokens on the referenced page?
@MrRefactoring MrRefactoring added bug Indicates a reported issue or malfunction that needs fixing. Investigation required Points out issues that need further exploration or detailed examination. labels Jan 21, 2025
@MrRefactoring MrRefactoring self-assigned this Jan 21, 2025
@nessgor
Copy link
Contributor

nessgor commented Feb 9, 2025
edited
Loading

The link in the documentation points to API Token, not Personal Access Token. According to this page

Before you begin
You can create and use personal access tokens in Data Center and Server editions of the following Atlassian applications:

  • Jira Core 8.14 and later
  • Jira Software 8.14 and later
  • Jira Service Management 4.15 and later
  • Confluence 7.9 and later

In Jira, select your profile picture at the top right of the screen, then select Profile. Once you access your profile, select Personal Access Tokens in the left-hand menu.

It explicitly stated Data Center and Server editions, so I am unsure if we can create a PAT on the Jira Cloud edition. And yes, we should fix the link in the documentation. It is misleading.

@MrRefactoring
Copy link
Owner

  1. Clarify the use of Personal Access Token (PAT):
    I don’t quite remember why I introduced PAT authentication, but it seems it doesn’t apply to the Jira Cloud API. Regarding the documentation, I mistakenly linked the apiTokens release instead of personalAccessToken. I suggest moving the link to the basic authentication documentation section.

  2. Evaluate the need for PAT:
    We should determine if PAT is still necessary. If not, it should be marked as deprecated and removed in future releases.

  3. Investigate email + password authentication:
    We need to verify if email + password authentication is still supported for API access. It seems this method has been unavailable for a long time.

@MrRefactoring MrRefactoring added this to the v4.1.0 milestone Feb 9, 2025
@MrRefactoring
Copy link
Owner

Let’s address step 1 (see my comment above) as part of the v4.1.0 release. We’ll leave the remaining steps for further investigation and prioritize their implementation in the future

@MrRefactoring MrRefactoring linked a pull request Feb 20, 2025 that will close this issue
Release: v4.1.0 #346
Merged
@MrRefactoring MrRefactoring removed this from the v4.1.0 milestone Mar 2, 2025
@MrRefactoring MrRefactoring removed a link to a pull request Mar 2, 2025
Release: v4.1.0 #346
Merged
@MrRefactoring MrRefactoring added this to the v5.0.0 milestone Apr 27, 2025
@MrRefactoring
Copy link
Owner

I've learned what PAT is and why it was added. It appears that PAT was introduced to work with the Jira Server API, which we no longer support (and never officially supported). In light of the above, it was decided to remove any mention of PAT and delete the related code.

@MrRefactoring MrRefactoring removed the Investigation required Points out issues that need further exploration or detailed examination. label Apr 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MrRefactoring MrRefactoring

Labels
bug Indicates a reported issue or malfunction that needs fixing.
Projects
None yet
Milestone
v5.0.0
Development

No branches or pull requests
3 participants
@uncaught @MrRefactoring @nessgor