Atlassian provides REST APIs to perform a number of operations such as Create Page, Delete Page, Add Comment, Create Space, etc. However, it supports only two authentication methods for REST APIs:
- Basic Authentication
- Using OAuth 1.0
The REST API Authentication plugin allows you to use any third party OAuth 2.0 provider/ OpenID connect to authenticate REST APIs. Here we will go through a guide to configure AWS Cognito as Provider.
Step 1: Configure AWS Cognito server:
- Sign in to AWS Amazon. Now enter “Cognito” in search textbox & select Cognito from dropdown.
- Go to “Manage your user pools” and click on “Create a user pool”
- Add pool name and select “Review Defaults”.
- Click on “Add app client” & then click on Add an app client.
- Enter App client name & then Click on “Create app client”.
- Click on Return to pool details. After this click on “Create Pool”.
- Navigate to App client settings. Select “Cognito User Pool”, add callback URL (your application’s Base URL).
- Also, select Authorization code grant as “Allowed OAuth Flows” & select OpenID as “Allowed OAuth Scopes”.
- After selecting all details click on Save changes button.
- Go to “App client” and click on “Show details” to get a client ID and client secret.
- Go to domain name and enter a domain name for your app. After adding domain name you can check its availability by clicking on “Check availability” button. After entering valid domain name click ”Save changes” button.
Step 2: Fetch Access token through POSTMAN
- Open the Postman Application (Here is the link to download Postman Application).
- Go to Authorization tab.
- From the dropdown select type as OAuth 2.0 and click on Get access token.
- Add the following information from the table below.
- Postman starts the authentication flow and prompts you to use the access token.
- Select Add token to the header.
| Field |
Value |
| Grant type |
Authorization Code or Client Credentials |
| Callback URL |
Enter your application’s base URL if you dont have a callback URL |
| Auth URL |
https://{DomainName}/oauth2/authorize |
| Access token URL |
https://{DomainName}/oauth2/token |
| Client ID |
Enter the AWS Cognito Client ID |
| Client secret |
Enter the AWS Cognito Client secret |
| Scope |
identify |
| Client Authentication |
Send as Basic Auth Header |
- Copy the Access Token or click on Use Token.
A sample access token from AWS Cognito Provider looks like this.
e8ec210628306b1df26ff61e6b9b3195814a2d79d38a2c7c1dc5836f6ddd7143
Step 3: Fetch Username through AWS Cognito:
- Choose the method type as “GET“.
- Enter the interoception Endpoint from the plugin to fetch the username in the Request URL. For AWS Cognito it is “”.
- Go to the Authorization tab select the Bearer Token and enter the access token here.
- Add the header “content-type: application/json” and click on Send.
Request:
curl
-X GET
-H "Authorization: Bearer <Access Token>"
-H "Content-type: application/json"
https://discordapp.com/api/users/@me
Copy the attribute value against the username, you will need to configure it in plugin. In this example, the value is “username“.
×
![AWS cognito modal]()
Test Atlassian REST API using access token:
- Call any REST API of your Atlassian application. Include the access token in the Authorization header. Here’s an example of fetching content from Confluence.
- Go to the Postman application select method type as GET and enter the Request URL. For eg. http://{Confluence_Base_URL}/rest/api/content/
- In the Authorization tab select type as Bearer Token.
- In the Header tab add the header “content-type: application/json and send the request.
Request:
curl
-X GET
-H "Authorization: Bearer <Access Token>"
-H "Content-type: application/json"
http://{confluence_base_url}/rest/api/content/
- This will show the content in Confluence and will return the status 200.
- If the token is invalid or missing, the call will return a 401 Unauthorized response
×
![AWS cognito modal]()