Allowing OAuth access
About OAuth access tokens
OAuth access tokens allow you to:
- Use a Jira gadget on an external, OAuth-compliant web application or website (also known as a 'consumer')
- Grant the gadget access to the same Jira data that you can access.
Before you begin
Your Jira administrator must link your Jira instance and the consumer using an application link and OAuth. For example, if you want to add a Jira gadget to your Bamboo homepage, then your Jira administrator must first approve Bamboo as an OAuth consumer.
If you want to integrate with OAuth 2.0, see Integrating with OAuth 2.0.
Issuing OAuth access tokens
To allow a gadget to access the same Jira data that you can, Jira issues it an OAuth access token. The OAuth token is unique to the gadget.
- When you use a Jira gadget on a consumer (such as Bamboo) and this gadget requires access to your Jira data, you will be prompted to log in to Jira if you have not already done so.
- After you log in to Jira, you will be prompted with a Request for Access message.
- To issue the OAuth token and grant the gadget access to your Jira data, click Allow. The gadget can access your Jira data until you revoke the token.
- To view tokens you have issued, go to your Profile > Tools > View OAuth Access Tokens:
Revoking OAuth access tokens
You can revoke an OAuth access token to deny a Jira gadget access to your Jira data. When you revoke access, the gadget can only access public data on your Jira instance.
- To view tokens you have issued, go to your Profile > Tools > View OAuth Access Tokens
- Next to the application whose OAuth access you wish to revoke, click Revoke Access.
- You may be prompted to confirm this action. If so, click OK.
- The gadget's access token is revoked and the Jira gadget can only access public Jira data.