REST API Authentication On Atlassian using Slack as OAuth Provider

Step 1: Configure Slack server:

• Login to Slack : Go to Slack API and login with your account.
• Go to Channel Settings and click on Add an app option.

• Create an app : Go to the Create App page.
• Enter App name and Development Slack Workshop. App name can be anything and by default Slack Workshop is Group but you can sign in to another workspace.
• Click On Create App.

• Copy Client ID and Client Secret and keep it handy.

• Add Redirect URL : Go to OAuth & Permissions, enter Callback URL(Application’s Base URL.) under Redirect URLs text field and after that click on Save URLs.

Step 2: Fetch Access token through POSTMAN:

• Open the Postman Application (Here is the link to download Postman Application).
• Go to Authorization tab.
• From the dropdown select type as OAuth 2.0 and  click on Get access token.
• Add the following information from the table below.
• Postman starts the authentication flow and prompts you to use the access token.
• Select Send Client Credentials in Body.

• Copy the Access Token or click on Use Token.

A834c0606ba71336423013699db8e971

Step 3: Fetch Username through Slack:

• Choose the method type as "GET".
• Enter the interoception Endpoint from the plugin to fetch the username in the Request URL. For Slack it is "https://slack.com/api/users.identity?token=".
• Go to the Authorization tab select the Bearer Token and enter the access token here.
• Add the header "content-type: application/json" and click on Send.

     curl 
     -X GET 
     -H "Authorization: Bearer <Access Token>" 
     -H "Content-type: application/json" 
     https://slack.com/api/users.identity?token=

Step 4: Configure the Rest API plugin:

Step 1: Enable Rest API Authentication:

• After installing the app, click on Configure to configure plugin.
• Select the Authentication type and navigate to Oauth/OIDC tab, then click on Configure.
• From the drop down select Slack as OAuth Provider.
• Enter the attribute value against which we received the username in the Postman response.
• Save the settings.
• Now navigate to the Global Settings tab.
• Here you will have to Enable the Authentication through Enable REST API Authentication and click on Save.

Step 2: Disable Basic Authentication:

• Disabling this will restrict all the REST API call made using Basic Authentication.

Step 5: User Restriction:

Step 1: Group Based Restriction:

• Navigate to User Restriction Tab and then Group Based Restriction.
• Check the Restrict Access to API.
• Enter the Group to allow user to access Rest API.
• Save the settings.

Step 2: IP Restriction:

• Navigate to User Restriction Tab and then IP Restriction.
• Check the Restrict Access to API by IP address.
• Add IP Address or range to allow Rest API.
• Save the settings.

Step 6: Test REST API using access token:

• Call any REST API. Include the access token in the Authorization header. Here’s an example of fetching content from Confluence.
• Go to the Postman application select method type as GET and enter the Request URL. For eg. http://{Confluence_Base_URL}/confluence/rest/api/content/
• In the Authorization tab select type as Bearer Token.

• In the Header tab add the header “content-type: application/json and send the request.

     curl 
     -X GET  
     -H "Authorization: Bearer <Access Token>" 
     -H "Content-type: application/json" 
     http://{confluence_base_url}/confluence/rest/api/content/

• This will show the content in Confluence and will return the status 200.
• If the token is invalid or missing, the call will return a 401 Unauthorized response.

Additional Resources

• Rest API Authentication Methods
• Slack as OAuth Provider/OpenID Connect
• Frequently Asked Questions (FAQs)