How to use Oauth2.0 in Postman client for Jira Cloud APIs
Step 1: Developer console settings.
Create a dummy app in https://developer.atlassian.com/console , choose OAuth 2.0
It will create an app ID as below. You dont have to use it anywhere for this exercise, its just FYI
Go to Permission tab on the left panel and add at least one scope. Refer below
Now add Authorization, where it will ask for Callback URL. Give the site URL here: https://{yoursite}.atlassian.net.
Once you add, you have to add the APIs on the same page. I selected Jira API. This is how it should look. Note that its referencing to the Permission tab and scopes. It will ask for granular scopes, but for our testing its fine. Just read scope is enough.
Make sure that you note down the ClientID and client secret in the Settings page
Step 2 : Generating an Access token from Postman
In postman client,
- select Authorisation type as "OAuth2.0" and
- select Add authorisation data to as "Request header"(scroll down on the Authorisation tab to see below options)
Fill in the below details for Configuration options
Grant Type : Authorisation code
Callback URL : Same URL that you set up in developer console. In my case I gave my site URL https://vijayprojectnew.atlassian.net
Auth URL : https://auth.atlassian.com/authorize?audience=api.atlassian.com
Access Token URL : https://auth.atlassian.com/oauth/token
Client ID : Client id from Developer console from Step 1
Client secret: Secret from Developer console from Step 1
Scope : read:jira-work (app scope that you set in developer console)
Client Authentication : Send as basic Auth headerClick “Get New access token” after setting the above details. It will ask for Authorisation
Once you provide the site details, click allow. Thats it! you will get a new access token. Copy it somewhere safe.
Step 3 : Using access token in REST API call
You can call REST api in the form as shown in below example. Lets try to get all projects for site ID 451d0a49-20f5-4ffd-8193-6ffd4c52abb3 via REST API. Notice that the URL is different from the ones you use in Basic Auth.
https://api.atlassian.com/ex/jira/451d0a49-20f5-4ffd-8193-6ffd4c52abb3/rest/api/2/project
You can pass the token in the header as Bearer <token>. Add a new header in Post man for authorisation.
Thats all.