Introduction
OAuth (Open Authorization) is a security protocol that allows a person to delegate their access rights to a resource. This protocol allows an application to act on behalf of someone without having to provide that person’s secret information. This protocol is used to secure REST Web services. The client application retrieves an Access Token from an authentication server. This gives her access to a protected resource in the name of the resource owner.
This protocol is also used when laying with the application link between FCC and Jira. Until now, Oauth 1.0a was used to establish the application link. As of now, it is also possible to create an application link with the newer Oauth 2.0.
Oauth 2.0 more secure and stable
Please note that existing Oauth 1.0a application links will continue to work as usual for now. However, we do recommend configuring a new application link between FCC and Jira soon using the Oauth 2.0 version. This one is more secure and works more stably.
The application link for Oauth 2.0 must be recreated. It is not possible to convert the existing Oauth 1.0a application link to Oauth 2.0.
In the Jira connectivity app, the Oauth 1.0a and Oauth 2.0 application links are shown in 2 different lists. In version 17, the Oauth 2.0 link is only available for Jira Data Center. In version 18, it will also become available for Jira Cloud.
Application links for Jira Cloud and Jira Data Center
There are 2 version of Jira, namely Jira Cloud and Jira Data Center. Jira Cloud is hosted by Atlassian. Jira Data Center is an on-premises version of Jira hosted by your own organization. Creating a connection for Jira Cloud and Jira Data Center is a little different. Because Oauth2.0 will initially be available only for Jira Data Center, it is explained below.
Creating application links with Jira Data Center
In the Jira connectivity app, a new application link can be added via the add link button.
Next, go to Jira Data Center and register Fortes Change Cloud as a new application link using the information from step 1 (see sceenshot). Next, enter the Client ID, Client secret and Jira URL under step 2, and then click “Authorize FCC to connect to Azure.
Note that the user you log into Jira with also creates the application link.
Customize application link in existing configuration
Once the application link is created, the existing configurations still need to be modified. In fact, in each configuration, the newly created Oauth 2.0 application link must be selected.
When this is done, the necessary steps have been completed and from then on data exchange will take place using the Oauth 2.0 protocol.