REST API Authentication On Atlassian using Facebook as OAuth Provider

Atlassian provides REST APIs to perform a number of operations such as Create Page, Delete Page, Add Comment, Create Space, etc. However, it supports only two authentication methods for REST APIs:
  1. Basic Authentication
  2. Using OAuth 1.0
The REST API Authentication plugin allows you to use any third party OAuth 2.0 provider/ OpenID connect to authenticate REST APIs. Here we will go through a guide to configure Facebook as Provider.

Download And Installation

  • Log into your atlassian instance as admin.
  • Navigate to the settings menu and Click Manage Apps.
  • Click Find new apps or Find new add-ons from the left-hand side of the page.
  • Locate Api Token/OAuth Authentication app.
  • Click Try free to begin a new trial or Buy now to purchase a license.
  • Enter your information and click Generate license when redirected to MyAtlassian.
  • Click Apply license.

Step 1: Configure Facebook server:

  •  Go to Facebook Developers and login with your account. Select Create App from the dropdown in the upper right corner.
Facebook as OAuth Provider
  • Provide a Display Name and Contact Email.
Facebook as OAuth Provider  
  • On the PRODUCTS page that follows, click on Set Up next to Facebook Login.
  • Next choose the type of application, for this tutorial we have selected Web.
Facebook as OAuth Provider
  • After that go to the Settings tab under the Facebook login and enter the Callback URL (Application's Base URL) in the Valid OAuth redirect URIs field. NOTE: Before entering the callback url it should be changed to https.
Facebook as OAuth Provider
  • Click Settings in the left nav. On this page you can retrieve your App ID and App Secret. Click show to reveal the App Secret (you may be required to re-enter your facebook password).
Facebook as OAuth Provider

Step 2: Fetch Access token through POSTMAN

  • Open the Postman Application (Here is the link to download Postman Application).
  • Go to Authorization tab.
  • From the dropdown select type as OAuth 2.0 and  click on Get access token.
  • Add the following information from the table below.
  • Postman starts the authentication flow and prompts you to use the access token.
  • Select Add token to the header.
Field Value
Grant type Authorization Code or Client Credentials
Callback URL Enter your application's base URL if you dont have a callback URL
Auth URL https://www.facebook.com/dialog/oauth
Access token URL https://graph.facebook.com/v2.8/oauth/access_token
Client ID Enter the Facebook Client ID
Client secret Enter the Facebook Client secret
Scope blank
Client Authentication Send as Basic Auth Header
Facebook as OAuth Provider
  • Copy the Access Token or click on Use Token.
A sample access token from Facebook Provider looks like this.
e8ec210628306b1df26ff61e6b9b3195814a2d79d38a2c7c1dc5836f6ddd7143

Step 3: Fetch Username through Facebook:

  • Choose the method type as "GET".
  • Enter the interoception Endpoint from the plugin to fetch the username in the Request URL. For Facebook it is "https://graph.facebook.com/me/?fields=id,name,email,age_range,first_name,gender,last_name,link&access_token=".
  • Go to the Authorization tab select the Bearer Token and enter the access token here.
  • Add the header "content-type: application/json" and click on Send.
Facebook as OAuth Provider Request:
     curl 
     -X GET 
     -H "Authorization: Bearer <Access Token>" 
     -H "Content-type: application/json" 
     https://graph.facebook.com/me/?fields=id,name,email,age_range,first_name,gender,last_name,link&access_token=
Copy the attribute value against the username, you will need to configure it in plugin. In this example, the value is "name".

Configure the Rest API plugin:

Step 1: Enable Rest API Authentication:

  • After installing the app, navigate to the Global Settings tab.
  • Here you will have to Enable the Authentication through Enable REST API Authentication and click on Save.
  • Go to the OAuth/OIDC tab and in the dropdown provided select Facebook as the OAuth provider.
  • Enter the attribute value against which we received the username in the Postman response.
  • Save the settings.
Facebook as Oauth Provider  

Step 2: Disable Basic Authentication:

  • Disabling this will restrict all the REST API call made using Basic Authentication.

Test REST API using access token:

  • Call any REST API. Include the access token in the Authorization header. Here’s an example of fetching content from Confluence.
  • Go to the Postman application select method type as GET and enter the Request URL. For eg. http://{Confluence_Base_URL}/confluence/rest/api/content/
  • In the Authorization tab select type as Bearer Token.
Facebbok as OAuth Provider  
  • In the Header tab add the header “content-type: application/json and send the request.
Facebbok as OAuth Provider Request:
     curl 
     -X GET  
     -H "Authorization: Bearer <Access Token>" 
     -H "Content-type: application/json" 
     http://{confluence_base_url}/confluence/rest/api/content/
  • This will show the content in Confluence and will return the status 200.
  • If the token is invalid or missing, the call will return a 401 Unauthorized response



If you are looking for anything which you cannot find, please drop us an email on info@xecurify.com