CINXE.COM

<!DOCTYPE html><html lang="en"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width"/><title>How to secure Jira and Confluence REST API calls in Data Center | Success Central</title><meta name="og:title" content="How to secure Jira and Confluence REST API calls in Data Center | Success Central"/><meta name="og:image" content="https://success.atlassian.com/api/og?title=How+to+secure+Jira+and+Confluence+REST+API+calls+in+Data+Center&summary=&token=e263551aaa5c353781508bc3b5527b5ffad25643740c46e74006abd6267640d1"/><link rel="canonical" href="https://success.atlassian.com/solution-resources/agile-and-devops-ado/platform-administration/how-to-secure-jira-and-confluence-rest-api-calls-in-data-center"/><meta name="next-head-count" content="6"/><link data-next-font="" rel="preconnect" href="/" crossorigin="anonymous"/><link rel="preload" href="/_next/static/css/7c30c1003d709681.css" as="style"/><link rel="stylesheet" href="/_next/static/css/7c30c1003d709681.css" data-n-g=""/><noscript data-n-css=""></noscript><script defer="" nomodule="" src="/_next/static/chunks/polyfills-78c92fac7aa8fdd8.js"></script><script src="/_next/static/chunks/webpack-2df7a8d27de1794c.js" defer=""></script><script src="/_next/static/chunks/framework-49c6cecf1f6d5795.js" defer=""></script><script src="/_next/static/chunks/main-428ffe0b61bdf877.js" defer=""></script><script src="/_next/static/chunks/pages/_app-c6ce84d2f4c89f10.js" defer=""></script><script src="/_next/static/chunks/65-6bdd40bdab33498f.js" defer=""></script><script src="/_next/static/chunks/309-dc577ba29a944023.js" defer=""></script><script src="/_next/static/chunks/925-cd1924cbd106bc30.js" defer=""></script><script src="/_next/static/chunks/pages/%5B%5B...slug%5D%5D-8107ad491b819f79.js" defer=""></script><script src="/_next/static/NV-FKOi3T0KGnsWhZ6Dpv/_buildManifest.js" defer=""></script><script src="/_next/static/NV-FKOi3T0KGnsWhZ6Dpv/_ssgManifest.js" defer=""></script></head><body><div id="__next"><a href="#main-content-area" class="tw-text-N500 tw-bg-N20 tw-left-1/2 tw-p-2.5 tw-absolute tw--translate-y-full tw-transition-transform tw-z-30 tw-rounded-sm focus:tw-top-1 tw-cursor-pointer focus:tw-translate-y-0">Skip to main content</a><nav class="tw-flex tw-flex-col tw-items-center tw-top-0 tw-z-20"><div class="tw-bg-B400 tw-flex tw-w-full tw-h-14 tw-items-center tw-px-5 md:tw-pl-14 xl:tw-px-24"><div class="tw-ml-3 tw-flex tw-items-center tw-mb-[3px] cursor-pointer"><img alt="success central logo light" loading="lazy" width="150" height="24" decoding="async" data-nimg="1" style="color:transparent" src="/images/success-central-light.svg"/></div></div><div class=" tw-relative tw-bg-N0 tw-w-full lg:tw-flex tw-transition-all tw-duration-500 tw-shadow-top-bottom"><div class="tw-h-[56px] tw-flex tw-items-center tw-px-5 md:tw-px-14 lg:tw-pr-0 xl:tw-pl-24"><div class="tw-flex cursor-pointer" tabindex="0"><div class="tw-opacity-0 tw-translate-x-[-26px] tw-invisible tw-mr-[-26px] tw-flex tw-duration-300 tw-ease-linear"><style data-emotion-css="1710liv">.css-1710liv{display:inline-block;position:relative;color:var(--logo-color);fill:var(--logo-fill);line-height:1;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;white-space:normal;height:24px;}.css-1710liv > svg{height:100%;fill:inherit;}</style><span style="--logo-color:inherit;--logo-fill:currentColor" aria-label="Atlassian" role="img" class="css-1710liv"> <svg viewBox="0 0 32 32" height="32" xmlns="http://www.w3.org/2000/svg" focusable="false" aria-hidden="true"> <defs> <linearGradient id="atlassianIcon-brand" x1="14.8402" y1="15.8324" x2="8.6599" y2="26.5369" gradientUnits="userSpaceOnUse"> <stop stop-color="#0052CC" offset="0%"></stop> <stop stop-color="#2684FF" offset="0.9228"></stop> </linearGradient> </defs> <path fill="url(#atlassianIcon-brand)" d="M11.6397 14.0398C11.2789 13.643 10.7378 13.679 10.4852 14.148L4.64091 25.8728C4.42446 26.3418 4.74912 26.8829 5.25419 26.8829H13.4074C13.6599 26.8829 13.9125 26.7386 14.0207 26.4861C15.7885 22.8424 14.7061 17.3227 11.6397 14.0398Z" /> <path fill="#2684FF" d="M15.9343 3.36124C12.6513 8.55622 12.8678 14.2923 15.0324 18.6215C17.1969 22.9506 18.8565 26.2336 18.9647 26.4861C19.0729 26.7386 19.3254 26.8829 19.578 26.8829H27.7312C28.2363 26.8829 28.597 26.3418 28.3445 25.8728C28.3445 25.8728 17.3774 3.93846 17.0887 3.39732C16.8723 2.89225 16.259 2.85618 15.9343 3.36124Z" /> </svg></span></div><img alt="success central logo dark" loading="lazy" width="150" height="18" decoding="async" data-nimg="1" style="color:transparent" src="/images/success-central-dark.svg"/></div><div class="mt-2"><span class="w-fit h-fit inline-flex "><style data-emotion="css gu2hl6">.css-gu2hl6{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:32px;height:32px;}.css-gu2hl6 >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-gu2hl6 >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-gu2hl6 >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-gu2hl6 >svg{width:32px;height:32px;}</style><span data-testid="chevron-down" role="img" aria-label="chevron down icon to open" style="--icon-primary-color:#0052CC;--icon-secondary-color:var(--ds-surface, #FFFFFF)" class="css-gu2hl6"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><path d="M8.292 10.293a1.009 1.009 0 000 1.419l2.939 2.965c.218.215.5.322.779.322s.556-.107.769-.322l2.93-2.955a1.01 1.01 0 000-1.419.987.987 0 00-1.406 0l-2.298 2.317-2.307-2.327a.99.99 0 00-1.406 0z" fill="currentColor" fill-rule="evenodd"/></svg></span></span></div><div class="tw-ml-auto tw-flex tw-cursor-pointer" tabindex="0"><span class="w-fit h-fit inline-flex "><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span data-testid="search" aria-hidden="true" style="--icon-primary-color:#0052CC;--icon-secondary-color:var(--ds-surface, #FFFFFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><path d="M16.436 15.085l3.94 4.01a1 1 0 01-1.425 1.402l-3.938-4.006a7.5 7.5 0 111.423-1.406zM10.5 16a5.5 5.5 0 100-11 5.5 5.5 0 000 11z" fill="currentColor" fill-rule="evenodd"/></svg></span></span></div></div><div data-testid="subheader" class="isHidden links tw-flex tw-items-center tw-gap-x-12 tw-shadow-top-bottom lg:tw-shadow-none navbar-links tw-px-5 xl:tw-pr-24 md:tw-px-14 tw-bg-N20 lg:tw-bg-N0 tw-absolute lg:tw-relative tw-left-0 xl:tw-h-[56px] tw-w-full tw-duration-500 tw-transition-height"><div class="h-full tw-flex tw-items-center tw-border-b-[3px] tw-border-transparent"><a target="_self" href="#" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer tw-mb-[-5px] text-B400" style="word-break:break-word"><span>Products</span><span class="w-fit h-fit inline-flex "><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span data-testid="chevron-down" aria-hidden="true" style="--icon-primary-color:currentColor;--icon-secondary-color:var(--ds-surface, #FFFFFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><path d="M8.292 10.293a1.009 1.009 0 000 1.419l2.939 2.965c.218.215.5.322.779.322s.556-.107.769-.322l2.93-2.955a1.01 1.01 0 000-1.419.987.987 0 00-1.406 0l-2.298 2.317-2.307-2.327a.99.99 0 00-1.406 0z" fill="currentColor" fill-rule="evenodd"/></svg></span></span></a></div><div class="h-full tw-flex tw-items-center tw-border-b-[3px] tw-border-transparent"><a target="_self" href="#" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer tw-mb-[-5px] text-B400" style="word-break:break-word"><span>Solutions</span><span class="w-fit h-fit inline-flex "><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span data-testid="chevron-down" aria-hidden="true" style="--icon-primary-color:currentColor;--icon-secondary-color:var(--ds-surface, #FFFFFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><path d="M8.292 10.293a1.009 1.009 0 000 1.419l2.939 2.965c.218.215.5.322.779.322s.556-.107.769-.322l2.93-2.955a1.01 1.01 0 000-1.419.987.987 0 00-1.406 0l-2.298 2.317-2.307-2.327a.99.99 0 00-1.406 0z" fill="currentColor" fill-rule="evenodd"/></svg></span></span></a></div></div></div></nav><div id="main-content-area" class="tw-relative tw-flex-1 focus:tw-outline-none" tabindex="-1"><main class="tw-w-full tw-flex tw-flex-col" data-testid="topic-detail"><div class="tw-flex tw-flex-1"><article class="lg:tw-pt-28 lg:tw-pb-28 tw-pb-8 topic-detail tw-grow tw-px-5 lg:tw-pr-7 xl:tw-pr-12 lg:tw-w-4/6 tw-pt-14 md:tw-px-14"><h1 class="tw-font-semibold tw-text-black tw-text-2xl md:tw-text-3xl xl:tw-text-4xl tw-mb-4">How to secure Jira and Confluence REST API calls in Data Center</h1><h2 id="out-of-the-box-authentication-methods" class="text-1.5xl font-semibold text-N800 mt-3 mb-2 relative">Out-of-the-box authentication methods</h2><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The REST API exposed by Jira and Confluence Server or Data Center is protected from unauthorized access. To access, a caller needs to demonstrate its identity, but also have the corresponding permission to take a particular action in Jira or Confluence. So both authentication and authorization are used to secure access to the REST API. When integrating with Jira and Confluence, there are four different methods that can be used to authenticate the caller:</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">OAuth (available in Jira)</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Basic authentication</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Cookie-based authentication (available in Jira)</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Personal access token (since Jira v8.14, JSM v4.15, Confluence v7.9)</span></div></li></ul><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit"> In this article, we will detail each of the four methods and how they work.</span></div><h3 id="oauth-" class="text-lg font-semibold text-N800 mt-3 mb-2">OAuth <span><style data-emotion="css co1y1t">.css-co1y1t{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-success, #E3FCEF);padding-inline:var(--ds-space-050, 4px);display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;border-radius:var(--ds-border-radius, 3px);position:static;overflow:hidden;}</style><span style="max-width:100%" data-testid="lozenge" class="css-co1y1t"><style data-emotion="css 1et8jlg">.css-1et8jlg{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);color:var(--ds-text-success, #006644);font-size:var(--ds-font-size-050, 11px);font-weight:var(--ds-font-weight-bold, 700);line-height:var(--ds-font-lineHeight-100, 16px);overflow:hidden;text-overflow:ellipsis;white-space:nowrap;text-transform:uppercase;}</style><span style="max-width:calc(200px - var(--ds-space-100, 8px))" data-testid="lozenge--text" class="css-1et8jlg">JIRA ONLY</span></span></span></h3><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">OAuth is an authorization mechanism that contains an authentication step. Jira Server/Data Center uses </span><a target="_self" href="https://oauth.net/core/1.0a/" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer text-B400" style="word-break:break-word"><span>OAuth 1.0a</span></a><span class=" text-N800 text-base bg-inherit w-fit">, 3-legged OAuth (3LO). In this process, a user (called the </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">resource owner</span><span class=" text-N800 text-base bg-inherit w-fit">) grants a third-party application (called the </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">consumer/client</span><span class=" text-N800 text-base bg-inherit w-fit">) access to some information (called the </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">resource</span><span class=" text-N800 text-base bg-inherit w-fit">). 3LO means that the resource owner is directly involved with authorizing access to the resource, as opposed to 2-legged OAuth, where the resource owner is not involved. See below to visualize how the process works:</span></div><div class="w-full overflow-hidden" data-testid="at-image"><figure><img alt="How to secure Jira & Confluence REST API calls in Data Center 1" src="https://images.ctfassets.net/5gpmvt00vjd3/EVB0g5wzzgolVnfr8E81B/b2d3cf4506777c430ee8305a6f552575/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_1.png?fm=png" class="scale-100 max-w-full mx-auto cursor-pointer"/></figure></div><div class="tw-my-4 info-panel"><style data-emotion="css 5unfzq">.css-5unfzq{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-information, #DEEBFF);padding:var(--ds-space-200, 16px);word-break:break-word;border-radius:var(--ds-border-radius, 3px);}</style><section data-testid="info-panel" class="css-5unfzq"><style data-emotion="css 1trnsdp">.css-1trnsdp{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-200, 16px);-webkit-align-items:stretch;-webkit-box-align:stretch;-ms-flex-align:stretch;align-items:stretch;-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;}</style><div class="css-1trnsdp"><style data-emotion="css 14zxvl1">.css-14zxvl1{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-block:var(--ds-space-negative-025, -2px);}</style><div class="css-14zxvl1"><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span aria-hidden="true" style="--icon-primary-color:var(--ds-icon-information, #0747A6);--icon-secondary-color:var(--ds-background-information, #DEEBFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill-rule="evenodd"><path d="M2 12c0 5.523 4.477 10 10 10s10-4.477 10-10S17.523 2 12 2 2 6.477 2 12z" fill="currentColor"/><rect fill="inherit" x="11" y="10" width="2" height="7" rx="1"/><circle fill="inherit" cx="12" cy="8" r="1"/></g></svg></span></div><style data-emotion="css t8lj6l">.css-t8lj6l{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-100, 8px);-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:stretch;-ms-flex-pack:stretch;-webkit-justify-content:stretch;justify-content:stretch;}</style><div data-testid="info-panel--content" class="css-t8lj6l"><style data-emotion="css xal9c7">.css-xal9c7{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);}</style><span class="css-xal9c7"><p>Get more info about the authorization flow here: <a href="https://developer.atlassian.com/server/jira/platform/oauth/#authorization-flow">OAuth</a></p></span></div></div></section></div><div class="tw-my-4 info-panel"><style data-emotion="css 5unfzq">.css-5unfzq{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-information, #DEEBFF);padding:var(--ds-space-200, 16px);word-break:break-word;border-radius:var(--ds-border-radius, 3px);}</style><section data-testid="info-panel" class="css-5unfzq"><style data-emotion="css 1trnsdp">.css-1trnsdp{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-200, 16px);-webkit-align-items:stretch;-webkit-box-align:stretch;-ms-flex-align:stretch;align-items:stretch;-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;}</style><div class="css-1trnsdp"><style data-emotion="css 14zxvl1">.css-14zxvl1{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-block:var(--ds-space-negative-025, -2px);}</style><div class="css-14zxvl1"><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span aria-hidden="true" style="--icon-primary-color:var(--ds-icon-information, #0747A6);--icon-secondary-color:var(--ds-background-information, #DEEBFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill-rule="evenodd"><path d="M2 12c0 5.523 4.477 10 10 10s10-4.477 10-10S17.523 2 12 2 2 6.477 2 12z" fill="currentColor"/><rect fill="inherit" x="11" y="10" width="2" height="7" rx="1"/><circle fill="inherit" cx="12" cy="8" r="1"/></g></svg></span></div><style data-emotion="css t8lj6l">.css-t8lj6l{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-100, 8px);-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:stretch;-ms-flex-pack:stretch;-webkit-justify-content:stretch;justify-content:stretch;}</style><div data-testid="info-panel--content" class="css-t8lj6l"><style data-emotion="css xal9c7">.css-xal9c7{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);}</style><span class="css-xal9c7"><p>The tokens that are used with this OAuth method have nothing to do with personal access tokens. For more information about them, see the "Personal access token" section below.</p></span></div></div></section></div><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">This method is the one of the most secure among the ones that are available out-of-the-box in Jira Server/Data Center. However, it’s the one that takes the most effort to implement, as it will require you to configure an application link (playing the role of </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">consumer/client</span><span class=" text-N800 text-base bg-inherit w-fit">) and a library in order to make the calls.</span></div><div class="tw-my-4 info-panel"><style data-emotion="css 5unfzq">.css-5unfzq{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-information, #DEEBFF);padding:var(--ds-space-200, 16px);word-break:break-word;border-radius:var(--ds-border-radius, 3px);}</style><section data-testid="info-panel" class="css-5unfzq"><style data-emotion="css 1trnsdp">.css-1trnsdp{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-200, 16px);-webkit-align-items:stretch;-webkit-box-align:stretch;-ms-flex-align:stretch;align-items:stretch;-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;}</style><div class="css-1trnsdp"><style data-emotion="css 14zxvl1">.css-14zxvl1{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-block:var(--ds-space-negative-025, -2px);}</style><div class="css-14zxvl1"><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span aria-hidden="true" style="--icon-primary-color:var(--ds-icon-information, #0747A6);--icon-secondary-color:var(--ds-background-information, #DEEBFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill-rule="evenodd"><path d="M2 12c0 5.523 4.477 10 10 10s10-4.477 10-10S17.523 2 12 2 2 6.477 2 12z" fill="currentColor"/><rect fill="inherit" x="11" y="10" width="2" height="7" rx="1"/><circle fill="inherit" cx="12" cy="8" r="1"/></g></svg></span></div><style data-emotion="css t8lj6l">.css-t8lj6l{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-100, 8px);-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:stretch;-ms-flex-pack:stretch;-webkit-justify-content:stretch;justify-content:stretch;}</style><div data-testid="info-panel--content" class="css-t8lj6l"><style data-emotion="css xal9c7">.css-xal9c7{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);}</style><span class="css-xal9c7"><p>See how to configure OAuth 1.0 to be used for the REST API calls: <a href="https://developer.atlassian.com/server/jira/platform/oauth/#before-you-begin">OAuth | Before you begin</a></p></span></div></div></section></div><h2 id="basic-authentication" class="text-1.5xl font-semibold text-N800 mt-3 mb-2 relative">Basic authentication</h2><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Basic authentication is the simplest way to authenticate a REST API call. In short, it sends a username and password in every request, contained in an </span><code class="monospace" data-testid="monospace">Authorization: Basic <credentials></code><span class=" text-N800 text-base bg-inherit w-fit"> header, where credentials are the </span><code class="monospace" data-testid="monospace">username:password</code><span class=" text-N800 text-base bg-inherit w-fit"> Base64 encoded.</span></div><h3 id="security-flaws" class="text-lg font-semibold text-N800 mt-3 mb-2">Security flaws</h3><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Credentials are sent in a form that can be decoded easily (Base64). This could be solved by securing the connection using TLS/SSL.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The password is sent repeatedly, for each request, which opens up a larger attack window.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The password is cached by the browser, so it can be silently reused by any other request to the server.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The password may be stored permanently in the browser, if the user requests. This creates a similar risk as the previous point, and also may allow it to be stolen by another user on a shared machine.</span></div></li></ul><div class="tw-my-4 info-panel"><style data-emotion="css 5unfzq">.css-5unfzq{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-information, #DEEBFF);padding:var(--ds-space-200, 16px);word-break:break-word;border-radius:var(--ds-border-radius, 3px);}</style><section data-testid="info-panel" class="css-5unfzq"><style data-emotion="css 1trnsdp">.css-1trnsdp{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-200, 16px);-webkit-align-items:stretch;-webkit-box-align:stretch;-ms-flex-align:stretch;align-items:stretch;-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;}</style><div class="css-1trnsdp"><style data-emotion="css 14zxvl1">.css-14zxvl1{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-block:var(--ds-space-negative-025, -2px);}</style><div class="css-14zxvl1"><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span aria-hidden="true" style="--icon-primary-color:var(--ds-icon-information, #0747A6);--icon-secondary-color:var(--ds-background-information, #DEEBFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill-rule="evenodd"><path d="M2 12c0 5.523 4.477 10 10 10s10-4.477 10-10S17.523 2 12 2 2 6.477 2 12z" fill="currentColor"/><rect fill="inherit" x="11" y="10" width="2" height="7" rx="1"/><circle fill="inherit" cx="12" cy="8" r="1"/></g></svg></span></div><style data-emotion="css t8lj6l">.css-t8lj6l{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-100, 8px);-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:stretch;-ms-flex-pack:stretch;-webkit-justify-content:stretch;justify-content:stretch;}</style><div data-testid="info-panel--content" class="css-t8lj6l"><style data-emotion="css xal9c7">.css-xal9c7{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);}</style><span class="css-xal9c7"><ul> <li> <p>Get more info about basic authentication and Jira REST API: <a href="https://developer.atlassian.com/server/jira/platform/basic-authentication/">Basic authentication</a></p> </li> <li> <p>Learn how this can affect the REST API calls: <a href="https://developer.atlassian.com/server/jira/platform/basic-authentication/#captcha">CAPTCHA</a></p> </li> </ul></span></div></div></section></div><h3 id="disabling-basic-authentication-in-jira" class="text-lg font-semibold text-N800 mt-3 mb-2">Disabling basic authentication in Jira</h3><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">In Jira Server/Data Center v8.16, the basic authentication method can be disabled natively.</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Learn how: </span><a target="_self" href="https://confluence.atlassian.com/enterprise/disabling-basic-authentication-1044776464.html" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer text-B400" style="word-break:break-word"><span>Disabling basic authentication</span></a></div></li></ul><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">When basic authentication is disabled, you can still create an allowlist for specific users and URLs to use basic authentication in REST API calls.</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Learn how: </span><a target="_self" href="https://confluence.atlassian.com/enterprise/creating-an-allowlist-when-basic-authentication-is-disabled-1044106574.html" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer text-B400" style="word-break:break-word"><span>Creating an allowlist when basic authentication is disabled</span></a></div></li></ul><h2 id="cookie-based-authentication-" class="text-1.5xl font-semibold text-N800 mt-3 mb-2 relative">Cookie-based authentication <span><style data-emotion="css co1y1t">.css-co1y1t{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-success, #E3FCEF);padding-inline:var(--ds-space-050, 4px);display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;border-radius:var(--ds-border-radius, 3px);position:static;overflow:hidden;}</style><span style="max-width:100%" data-testid="lozenge" class="css-co1y1t"><style data-emotion="css 1et8jlg">.css-1et8jlg{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);color:var(--ds-text-success, #006644);font-size:var(--ds-font-size-050, 11px);font-weight:var(--ds-font-weight-bold, 700);line-height:var(--ds-font-lineHeight-100, 16px);overflow:hidden;text-overflow:ellipsis;white-space:nowrap;text-transform:uppercase;}</style><span style="max-width:calc(200px - var(--ds-space-100, 8px))" data-testid="lozenge--text" class="css-1et8jlg">JIRA ONLY</span></span></span></h2><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Cookie-based authentication will create a session object when logging in that will be reused for the subsequent calls. Here's how it works:</span></div><ol class="tw-list-decimal tw-pl-5" data-testid="ordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The client creates a new session for the user via the Jira REST API (calling the session resource </span><code class="monospace" data-testid="monospace">/auth/1/session</code><span class=" text-N800 text-base bg-inherit w-fit"> with a username and password).</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Jira returns a session object that has information about the session, including the session cookie. The client stores this session object.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The client can now set the cookie in the header for all subsequent requests to the Jira REST API (</span><code class="monospace" data-testid="monospace">Set-Cookie: JSESSIONID=6E3487971234567896704A9EB4AE501F; Path=/; HttpOnly</code><span class=" text-N800 text-base bg-inherit w-fit">).</span></div></li></ol><div class="tw-my-4 info-panel"><style data-emotion="css 5unfzq">.css-5unfzq{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-information, #DEEBFF);padding:var(--ds-space-200, 16px);word-break:break-word;border-radius:var(--ds-border-radius, 3px);}</style><section data-testid="info-panel" class="css-5unfzq"><style data-emotion="css 1trnsdp">.css-1trnsdp{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-200, 16px);-webkit-align-items:stretch;-webkit-box-align:stretch;-ms-flex-align:stretch;align-items:stretch;-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;}</style><div class="css-1trnsdp"><style data-emotion="css 14zxvl1">.css-14zxvl1{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-block:var(--ds-space-negative-025, -2px);}</style><div class="css-14zxvl1"><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span aria-hidden="true" style="--icon-primary-color:var(--ds-icon-information, #0747A6);--icon-secondary-color:var(--ds-background-information, #DEEBFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill-rule="evenodd"><path d="M2 12c0 5.523 4.477 10 10 10s10-4.477 10-10S17.523 2 12 2 2 6.477 2 12z" fill="currentColor"/><rect fill="inherit" x="11" y="10" width="2" height="7" rx="1"/><circle fill="inherit" cx="12" cy="8" r="1"/></g></svg></span></div><style data-emotion="css t8lj6l">.css-t8lj6l{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-100, 8px);-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:stretch;-ms-flex-pack:stretch;-webkit-justify-content:stretch;justify-content:stretch;}</style><div data-testid="info-panel--content" class="css-t8lj6l"><style data-emotion="css xal9c7">.css-xal9c7{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);}</style><span class="css-xal9c7"><ul> <li> <p>Get more info about cookie-based Authentication and Jira REST API: <a href="https://developer.atlassian.com/server/jira/platform/cookie-based-authentication/">Cookie-based authentication</a></p> </li> <li> <p>Learn how this method is affected by cookie expiration, CAPTCHAs, and form token checking: <a href="https://developer.atlassian.com/server/jira/platform/cookie-based-authentication/#advanced-topics">Advanced topic</a></p> </li> </ul></span></div></div></section></div><h2 id="personal-access-tokens" class="text-1.5xl font-semibold text-N800 mt-3 mb-2 relative">Personal access tokens</h2><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Personal access tokens (aka API tokens) were created to provide a more secure way to authenticate for third-party integrations. Already available in Bitbucket and Bamboo (for both Server and Data Center) and also in Cloud products, personal access tokens have been recently added to Jira (v8.14), JSM (v4.15) and Confluence (v7.9) Server/Data Center.</span></div><h3 id="how-personal-access-tokens-work" class="text-lg font-semibold text-N800 mt-3 mb-2">How personal access tokens work</h3><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">A user can create or revoke their own personal tokens via the </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">User Profile</span><span class=" text-N800 text-base bg-inherit w-fit"> screen.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">For Bitbucket and Bamboo, tokens are only for REST API calls and can't be used for product UI login. In contrast, for Jira and Confluence, tokens serve both for REST API calls and product UI login.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The individual tokens will inherit the user’s existing product permissions.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Tokens can be expiring (specified in days) or non-expiring. The ability to create non-expiring tokens can be switched-off with the </span><code class="monospace" data-testid="monospace">atlassian.pats.eternal.tokens.enabled</code><span class=" text-N800 text-base bg-inherit w-fit"> system property (</span><code class="monospace" data-testid="monospace">true</code><span class=" text-N800 text-base bg-inherit w-fit"> by default).</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The user can create a maximum of 10 tokens — this can be adjusted with the </span><code class="monospace" data-testid="monospace">atlassian.pats.max.tokens.per.user</code><span class=" text-N800 text-base bg-inherit w-fit"> system property.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">To see other system properties that can be configured, see the "System properties" table below.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Once generated, the token given to the user cannot be retrieved, it needs to be remembered.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Tokens are immutable, i.e. they can’t be changed after they have been created.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">When a users successfully authenticates to the REST API using a created token, the “Last authenticated” timestamp is updated in the token list.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Admins can administer user tokens, including viewing, searching, and deleting.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">To invoke a REST API call using the token, an HTTP Bearer authorization header has to be included:</span></div></li></ul><code data-testid="code-block" class="inline-code"><button aria-label="Copy" aria-haspopup="true" class="copy-to-clipboard tooltip" type="button" tabindex="0"><span class="tooltipText">Copy</span><span class="w-fit h-fit inline-flex "><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span data-testid="copy" aria-hidden="true" style="--icon-primary-color:#172B4D;--icon-secondary-color:var(--ds-surface, #FFFFFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill="currentColor"><path d="M10 19h8V8h-8v11zM8 7.992C8 6.892 8.902 6 10.009 6h7.982C19.101 6 20 6.893 20 7.992v11.016c0 1.1-.902 1.992-2.009 1.992H10.01A2.001 2.001 0 018 19.008V7.992z"/><path d="M5 16V4.992C5 3.892 5.902 3 7.009 3H15v13H5zm2 0h8V5H7v11z"/></g></svg></span></span></button><span class="code"><span class="code-lines"><span class="line-number">1</span><span class="line-text">curl --header 'Authorization: Bearer NDcwNDQ0NTQ2MzE5Ol7lyYmNQ8WynnNMlhW2MpewDjGr' http://localhost:2990/jira/rest/api/2/project</span></span></span></code><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">A token itself can be created through the REST API:</span></div></li></ul><code data-testid="code-block" class="inline-code"><button aria-label="Copy" aria-haspopup="true" class="copy-to-clipboard tooltip" type="button" tabindex="0"><span class="tooltipText">Copy</span><span class="w-fit h-fit inline-flex "><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span data-testid="copy" aria-hidden="true" style="--icon-primary-color:#172B4D;--icon-secondary-color:var(--ds-surface, #FFFFFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill="currentColor"><path d="M10 19h8V8h-8v11zM8 7.992C8 6.892 8.902 6 10.009 6h7.982C19.101 6 20 6.893 20 7.992v11.016c0 1.1-.902 1.992-2.009 1.992H10.01A2.001 2.001 0 018 19.008V7.992z"/><path d="M5 16V4.992C5 3.892 5.902 3 7.009 3H15v13H5zm2 0h8V5H7v11z"/></g></svg></span></span></button><span class="code"><span class="code-lines"><span class="line-number">1</span><span class="line-text">curl --request POST 'http://localhost:2990/jira/rest/pat/1.0/tokens' \</span></span><span class="code-lines"><span class="line-number">2</span><span class="line-text">--header 'Authorization: Bearer NDcwNDQ0NTQ2MzE5Ol7lyYmNQ8WynnNMlhW2MpewDjGr'</span></span><span class="code-lines"><span class="line-number">3</span><span class="line-text">--header 'Content-Type: application/json' \</span></span><span class="code-lines"><span class="line-number">4</span><span class="line-text">--data-raw '{</span></span><span class="code-lines"><span class="line-number">5</span><span class="line-text"> "name": "Yet Another Token!",</span></span><span class="code-lines"><span class="line-number">6</span><span class="line-text"> "expirationDuration": "90"</span></span><span class="code-lines"><span class="line-number">7</span><span class="line-text">}'</span></span></span></code><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">See </span><a target="_self" href="https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer text-B400" style="word-break:break-word"><span>Using Personal Access Tokens</span></a><span class=" text-N800 text-base bg-inherit w-fit"> for more info.</span></div></li></ul><h3 id="how-the-token-is-built-and-managed-internally" class="text-lg font-semibold text-N800 mt-3 mb-2">How the token is built and managed internally</h3><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The token is made up of two parts, the ID and the secret.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The ID is a 12 digit number that represents the username.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The secret is 20 bits of random data.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The ID, a ":" character, and the secret are concatenated, then base64 encoded. This token is returned to the user.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The secret is put through our default password encoder and is stored hashed and salted in the database along with the plain text ID number.</span></div></li></ul><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Therefore, we could say that in the database at rest, the token's secret is stored cryptographically salted and hashed, however, the raw token is returned to the end user and then sent to Jira during authentication.</span></div><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">In transit, this token would be subject to whatever protocol encryption is enforced between the client and Jira, for example, TLS.</span></div><h3 id="system-properties" class="text-lg font-semibold text-N800 mt-3 mb-2">System properties</h3><table class="tw-border-collapse tw-table-auto tw-border-none tw-block tw-border-N50 tw-max-w-full tw-my-4 tw-overflow-x-auto"><tbody><tr><th class="tw-py-2 tw-px-3 tw-font-semibold tw-border tw-border-N50 tw-bg-N20 tw-text-left"><div class="tw-pb-3"><span class="tw-font-bold text-N800 text-base bg-inherit w-fit">Property</span></div></th><th class="tw-py-2 tw-px-3 tw-font-semibold tw-border tw-border-N50 tw-bg-N20 tw-text-left"><div class="tw-pb-3"><span class="tw-font-bold text-N800 text-base bg-inherit w-fit">Default</span></div></th><th class="tw-py-2 tw-px-3 tw-font-semibold tw-border tw-border-N50 tw-bg-N20 tw-text-left"><div class="tw-pb-3"><span class="tw-font-bold text-N800 text-base bg-inherit w-fit">Description</span></div></th></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.enabled</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">true</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Whether personal access tokens are globally enabled</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.eternal.tokens.enabled</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">true</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">If users should be able to create tokens that do not expire</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.mail.notifications.enabled</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">true</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Whether mail notifications are globally enabled</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.last.used.update.interval.mins</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">1</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The interval at which the scheduler job is updating the 'last accessed at' property of each token, in minutes</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.pruning.schedule.cron</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">0 0 0 * * ?</code><span class=" text-N800 text-base bg-inherit w-fit"> - 12 am local time, every day</span></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The CRON expression for the expired token pruning scheduler job</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.pruning.delay.days</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">30</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The delay before expired tokens are removed from the database, in days</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.max.tokens.expiry.days</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">365</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Maximum number of days for a token to expire</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.max.tokens.per.user</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">10</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Maximum number of tokens allowed per user</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.auth.cache.expiry.mins</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">60</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The length of time, in minutes, an item can stay in the authentication cache before being removed</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.auth.cache.max.items</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">5000</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The maximum number of items allowed in the authentication cache</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.expiry.check.schedule.cron</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">0 0 * * * ?</code><span class=" text-N800 text-base bg-inherit w-fit"> - every hour</span></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The CRON expression for the scheduler job that sends notifications about expired tokens and tokens that will expire soon</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.expiry.warning.days</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">5</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">How many days before sending an e-mail notification about tokens that will expire soon</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.invalidate.session.enabled</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">true</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">If the session should be invalidated after succeeded authentication using personal access token</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">atlassian.pats.token.name.length</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">40</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The maximum number characters to be used for token name</span></div></td></tr></tbody></table><div class="tw-my-4 info-panel"><style data-emotion="css 5unfzq">.css-5unfzq{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-information, #DEEBFF);padding:var(--ds-space-200, 16px);word-break:break-word;border-radius:var(--ds-border-radius, 3px);}</style><section data-testid="info-panel" class="css-5unfzq"><style data-emotion="css 1trnsdp">.css-1trnsdp{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-200, 16px);-webkit-align-items:stretch;-webkit-box-align:stretch;-ms-flex-align:stretch;align-items:stretch;-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;}</style><div class="css-1trnsdp"><style data-emotion="css 14zxvl1">.css-14zxvl1{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-block:var(--ds-space-negative-025, -2px);}</style><div class="css-14zxvl1"><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span aria-hidden="true" style="--icon-primary-color:var(--ds-icon-information, #0747A6);--icon-secondary-color:var(--ds-background-information, #DEEBFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill-rule="evenodd"><path d="M2 12c0 5.523 4.477 10 10 10s10-4.477 10-10S17.523 2 12 2 2 6.477 2 12z" fill="currentColor"/><rect fill="inherit" x="11" y="10" width="2" height="7" rx="1"/><circle fill="inherit" cx="12" cy="8" r="1"/></g></svg></span></div><style data-emotion="css t8lj6l">.css-t8lj6l{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-100, 8px);-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:stretch;-ms-flex-pack:stretch;-webkit-justify-content:stretch;justify-content:stretch;}</style><div data-testid="info-panel--content" class="css-t8lj6l"><style data-emotion="css xal9c7">.css-xal9c7{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);}</style><span class="css-xal9c7"><p>Note: You have to set these properties on every node of your Data Center instance.</p></span></div></div></section></div><h2 id="how-to-add-more-security-to-the-rest-api-calls" class="text-1.5xl font-semibold text-N800 mt-3 mb-2 relative">How to add more security to the REST API calls</h2><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Besides the out-of-the-box authentication methods, we can provide more security to the Jira REST API by adopting additional measures.</span></div><h2 id="rate-limiting" class="text-1.5xl font-semibold text-N800 mt-3 mb-2 relative">Rate limiting</h2><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Rate limiting targets only REST API requests and can help you address the potential impact from spikes in requests from automated external requests and/or scripts. When users move around the Jira UI, viewing projects, transitioning issues, and completing other actions, they won’t be affected by rate limiting. This feature will enable admins to configure per-user limits for REST API calls. If users overdraw their limit, their requests will result in a 429 error code and the request will not be processed.</span></div><div class="tw-my-4 info-panel"><style data-emotion="css 5unfzq">.css-5unfzq{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-information, #DEEBFF);padding:var(--ds-space-200, 16px);word-break:break-word;border-radius:var(--ds-border-radius, 3px);}</style><section data-testid="info-panel" class="css-5unfzq"><style data-emotion="css 1trnsdp">.css-1trnsdp{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-200, 16px);-webkit-align-items:stretch;-webkit-box-align:stretch;-ms-flex-align:stretch;align-items:stretch;-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;}</style><div class="css-1trnsdp"><style data-emotion="css 14zxvl1">.css-14zxvl1{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-block:var(--ds-space-negative-025, -2px);}</style><div class="css-14zxvl1"><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span aria-hidden="true" style="--icon-primary-color:var(--ds-icon-information, #0747A6);--icon-secondary-color:var(--ds-background-information, #DEEBFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill-rule="evenodd"><path d="M2 12c0 5.523 4.477 10 10 10s10-4.477 10-10S17.523 2 12 2 2 6.477 2 12z" fill="currentColor"/><rect fill="inherit" x="11" y="10" width="2" height="7" rx="1"/><circle fill="inherit" cx="12" cy="8" r="1"/></g></svg></span></div><style data-emotion="css t8lj6l">.css-t8lj6l{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-100, 8px);-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:stretch;-ms-flex-pack:stretch;-webkit-justify-content:stretch;justify-content:stretch;}</style><div data-testid="info-panel--content" class="css-t8lj6l"><style data-emotion="css xal9c7">.css-xal9c7{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);}</style><span class="css-xal9c7"><p>Anonymous traffic is represented by one user called “Anonymous”. This “user” aggregates all anonymous traffic into one bucket for all sources of anonymous requests.</p></span></div></div></section></div><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">There are different ways to set the limit: by node, user, time frame, and/or number of requests.</span></div><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The UI allows system admins to:</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Set a default per-user limit</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Set per-user exemptions (limits different than the default, whether more restrictive or less restrictive)</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Set an exemption for the aggregated anonymous traffic</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">See who is being limited across all nodes in the cluster</span></div></li></ul><div class="tw-my-4 info-panel"><style data-emotion="css 5unfzq">.css-5unfzq{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;background-color:var(--ds-background-information, #DEEBFF);padding:var(--ds-space-200, 16px);word-break:break-word;border-radius:var(--ds-border-radius, 3px);}</style><section data-testid="info-panel" class="css-5unfzq"><style data-emotion="css 1trnsdp">.css-1trnsdp{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-200, 16px);-webkit-align-items:stretch;-webkit-box-align:stretch;-ms-flex-align:stretch;align-items:stretch;-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;}</style><div class="css-1trnsdp"><style data-emotion="css 14zxvl1">.css-14zxvl1{box-sizing:border-box;-webkit-appearance:none;-moz-appearance:none;-ms-appearance:none;appearance:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-block:var(--ds-space-negative-025, -2px);}</style><div class="css-14zxvl1"><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span aria-hidden="true" style="--icon-primary-color:var(--ds-icon-information, #0747A6);--icon-secondary-color:var(--ds-background-information, #DEEBFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><g fill-rule="evenodd"><path d="M2 12c0 5.523 4.477 10 10 10s10-4.477 10-10S17.523 2 12 2 2 6.477 2 12z" fill="currentColor"/><rect fill="inherit" x="11" y="10" width="2" height="7" rx="1"/><circle fill="inherit" cx="12" cy="8" r="1"/></g></svg></span></div><style data-emotion="css t8lj6l">.css-t8lj6l{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;box-sizing:border-box;gap:var(--ds-space-100, 8px);-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:stretch;-ms-flex-pack:stretch;-webkit-justify-content:stretch;justify-content:stretch;}</style><div data-testid="info-panel--content" class="css-t8lj6l"><style data-emotion="css 1rgthtg">.css-1rgthtg{color:var(--ds-text, #172B4D);margin-block:var(--ds-space-0, 0px);font-size:var(--ds-font-size-200, 16px);font-weight:var(--ds-font-weight-semibold, 600);letter-spacing:-0.006em;line-height:var(--ds-font-lineHeight-200, 20px);}</style><h2 class="css-1rgthtg">How rate limiting and personal access tokens work together</h2><style data-emotion="css xal9c7">.css-xal9c7{box-sizing:border-box;margin:var(--ds-space-0, 0px);padding:var(--ds-space-0, 0px);font-family:var(--ds-font-family-sans, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif);}</style><span class="css-xal9c7"><p>Rate limiting kicks in after authentication, so the per-user limits and exemptions also apply when using personal access tokens.</p></span></div></div></section></div><div class="w-full overflow-hidden" data-testid="at-image"><figure><img alt="How to secure Jira & Confluence REST API calls in Data Center 3" src="https://images.ctfassets.net/5gpmvt00vjd3/1BrMfTTSQxKd0y9dTx0vYy/ee8e12c26df0510a157cd3a1390271d2/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_3.png?fm=png" class="scale-100 max-w-full mx-auto cursor-pointer"/></figure></div><h3 id="what-rate-limiting-is-based-on" class="text-lg font-semibold text-N800 mt-3 mb-2">What rate limiting is based on</h3><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Rate limiting introduces a </span><a target="_self" href="https://en.wikipedia.org/wiki/Token_bucket" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer text-B400" style="word-break:break-word"><span>token bucket algorithm</span></a><span class=" text-N800 text-base bg-inherit w-fit"> to govern REST API-based traffic.</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">A token is needed to make HTTP REST requests.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Each request costs one token.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Users get new tokens at a constant rate so they can keep making new requests. This represents the number of requests they are allowed, and can be, for example, ten every one minute.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Tokens are added to a user’s personal bucket until it’s full. This is their max number of requests, and they can adjust the usage of tokens to their own frequency, for example twenty every two minutes instead of ten every one minute, as specified in their usual rate.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">If the bucket becomes empty, HTTP REST requests will not be processed and a 429 error code will be returned.</span></div></li></ul><h3 id="getting-started" class="text-lg font-semibold text-N800 mt-3 mb-2">Getting started</h3><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Setting the right limit depends on a lot of factors, and there isn't a single rule that will work for all scenarios. To start finding the right limit, it's important to understand the size and traffic that instance receives and work from there. To better understand the size of traffic, start by parsing the access log. Find the user that made the most REST requests over a day. Since UI traffic is </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">not</span><span class=" text-N800 text-base bg-inherit w-fit"> rate limited, this number will be higher than what you need as your rate limit.</span></div><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Generally speaking, your goal in setting a limit should be to keep the instance safe from scripts going haywire, rather than stopping users from getting their work done.</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">By default, all configurations are set to disabled.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Admins have the choice of three options:</span></div><ol class="tw-list-decimal tw-pl-5" data-testid="ordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Allow unlimited requests (can still block individual access through exemptions)</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Block all requests (can still allow individual access through exemptions)</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Limit requests (set a common limit for everybody, and use exemptions to assign individual limits)</span></div></li></ol></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Exemptions allow you to customize rules for unique users.</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Exemptions can be created when rate limiting is disabled. The features will not work until rate limiting is enabled.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">It is possible to add multiple users to an exemption.</span></div></li></ul></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Beyond this new rate-limiting algorithm and rule set, the API endpoints and the way you engage the API remains the same.</span></div></li></ul><h3 id="turning-rate-limiting-off" class="text-lg font-semibold text-N800 mt-3 mb-2">Turning rate limiting off</h3><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">To turn it off, go to </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">System → Rate Limiting</span><span class=" text-N800 text-base bg-inherit w-fit">, select </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">Rate Limiting → Disable</span><span class=" text-N800 text-base bg-inherit w-fit">, press </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">Save</span><span class=" text-N800 text-base bg-inherit w-fit">. Wait 60 seconds for the changes to be visible. Note that by default, rate limiting is turned off. When turned on, it's set to “Allow unlimited requests” by default, which means it has no effect unless configured differently.</span></div><h3 id="impact-to-users-that-are-rate-limited" class="text-lg font-semibold text-N800 mt-3 mb-2">Impact to users that are rate limited</h3><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">When users make authenticated</span><span class="tw-font-bold text-N800 text-base bg-inherit w-fit"> </span><span class=" text-N800 text-base bg-inherit w-fit">requests, they will see rate limiting headers in the response. These headers are added to every response, not just when they’re rate limited:</span></div><table class="tw-border-collapse tw-table-auto tw-border-none tw-block tw-border-N50 tw-max-w-full tw-my-4 tw-overflow-x-auto"><tbody><tr><th class="tw-py-2 tw-px-3 tw-font-semibold tw-border tw-border-N50 tw-bg-N20 tw-text-left"><div class="tw-pb-3"><span class="tw-font-bold text-N800 text-base bg-inherit w-fit">Header</span></div></th><th class="tw-py-2 tw-px-3 tw-font-semibold tw-border tw-border-N50 tw-bg-N20 tw-text-left"><div class="tw-pb-3"><span class="tw-font-bold text-N800 text-base bg-inherit w-fit">Description</span></div></th></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">X-RateLimit-Limit</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The bucket size (capacity)</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">X-RateLimit-Remaining</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The remaining number of tokens. This is what you have and can use right now.</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">X-RateLimit-Interval-Seconds</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">The time interval in seconds. You get a batch of new tokens every such time interval.</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">X-RateLimit-FillRate</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">How many tokens are added to the bucket on each refill. Sys admins configure this as </span><span class="tw-italic text-N800 text-base bg-inherit w-fit">Requests allowed</span><span class=" text-N800 text-base bg-inherit w-fit">.</span></div></td></tr><tr><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><code class="monospace" data-testid="monospace">retry-after</code></div></td><td class="tw-py-2 tw-pl-3 tw-pr-5 tw-border tw-align-top tw-border-N50 table-cell"><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">How long you need to wait until you get new tokens. This value is </span><code class="monospace" data-testid="monospace">0</code><span class=" text-N800 text-base bg-inherit w-fit"> when the bucket is not empty. If the bucket is empty, this value is likely to not be zero.</span></div></td></tr></tbody></table><h3 id="benefits-of-"self-protection"-capabilities" class="text-lg font-semibold text-N800 mt-3 mb-2">Benefits of "self-protection" capabilities</h3><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Visibility: gives you the ability to see who is being rate limited, how many times requests are being limited, and when a user was last limited</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Security and control: admins are able to set custom configurations and add users to an allow-list, bypassing all restrictions</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Stability and performance: rate limiting helps to regulate CPU volume</span></div></li></ul><h3 id="related-info" class="text-lg font-semibold text-N800 mt-3 mb-2">Related info</h3><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><a target="_self" href="https://confluence.atlassian.com/adminjiraserver086/improving-instance-stability-with-rate-limiting-990553980.html#Improvinginstancestabilitywithratelimiting-limitingrequests" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer text-B400" style="word-break:break-word"><span>Improving instance stability with rate limiting | Administering Jira applications Data Center and Server 8.6</span></a></div></li><li><div class="tw-pb-3"><a target="_self" href="https://www.atlassian.com/webinars/software/protect-your-data-center-instance" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer text-B400" style="word-break:break-word"><span>How to protect your Data Center instance from threats</span></a></div></li><li><div class="tw-pb-3"><a target="_self" href="https://confluence.atlassian.com/enterprise/traffic-distribution-with-atlassian-data-center-895912660.html" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer text-B400" style="word-break:break-word"><span>Traffic distribution with Atlassian Data Center</span></a></div></li></ul><h2 id="api-gateway/proxy" class="text-1.5xl font-semibold text-N800 mt-3 mb-2 relative">API gateway/proxy</h2><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">In some contexts, you may be interested in having more control over how the Atlassian product APIs are being used. In such contexts, you can introduce a new component to your API architecture: the API gateway. With this component (external to the Atlassian product architecture), you can usually expect the following aspects to improve:</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Tracking of API calls: who is invoking the APIs, when, how much, etc.</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Authentication/authorization: API gateways enable admins to add an additional security layer and provide support for methods that are not yet supported natively by the Atlassian Data Center products (e.g. OAuth 2.0)</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Filtering of API calls: API gateways can provide additional filtering capabilities to those provided out-of-the-box by the Atlassian Data Center products</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">API management: API gateways can be part of the corporate API management</span></div></li></ul><h3 id="sample-architecture-with-an-api-gateway-protecting-a-dedicated-api-node-for-jira/confluence" class="text-lg font-semibold text-N800 mt-3 mb-2">Sample architecture with an API gateway protecting a dedicated API node for Jira/Confluence</h3><div class="w-full overflow-hidden" data-testid="at-image"><figure><img alt="How to secure Jira & Confluence REST API calls in Data Center 6" src="https://images.ctfassets.net/5gpmvt00vjd3/2xt1Jtl1hVl2vnZiPF0sfP/6a343b228ae8d27c3e89049640942805/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_6.png?fm=png" class="scale-100 max-w-full mx-auto cursor-pointer"/></figure></div><h2 id="marketplace-apps" class="text-1.5xl font-semibold text-N800 mt-3 mb-2 relative">Marketplace apps</h2><div class="w-full overflow-hidden" data-testid="at-image"><figure><img alt="How to secure Jira & Confluence REST API calls in Data Center 4" src="https://images.ctfassets.net/5gpmvt00vjd3/1v5M0vDMgGCBee0eE3WFNq/5be408b90c60ceea93d35558a5af16ad/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_4.png?fm=png" class="scale-100 max-w-full mx-auto cursor-pointer"/></figure></div><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Using this app, you can authenticate Jira APIs using any third-party OAuth/OIDC provider or API tokens. The app supports Azure AD, Keycloak, Okta, AWS Cognito, Google, Github, Slack, Gitlab, Facebook, and any custom provider.</span></div><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">This app solves one of the biggest challenges in SSO-enabled applications: when users don't know their local account passwords.</span></div><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Features provided:</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Allows you to disable Jira's basic authentication or OAuth 1.0 authentication</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Supports creating or revoking individual API tokens for users and universal API tokens for services</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">One-click enable or disable REST API authentication using OAuth 2.0</span></div></li></ul><div class="tw-pb-3"></div><div class="w-full overflow-hidden" data-testid="at-image"><figure><img alt="How to secure Jira & Confluence REST API calls in Data Center 5" src="https://images.ctfassets.net/5gpmvt00vjd3/7FZGhUvLUB4vbABvwZoyH1/97c0123e496c148b3b1fed323e1d049c/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_5.png?fm=png" class="scale-100 max-w-full mx-auto cursor-pointer"/></figure></div><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">This app allows you to authenticate Confluence APIs using third-party OAuth tokens or API tokens instead of your Confluence password. It supports </span><a target="_self" href="https://plugins.miniorange.com/jira-rest-api-setup-guides" rel="" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer text-B400" style="word-break:break-word"><span>10+ OAuth providers</span></a><span class=" text-N800 text-base bg-inherit w-fit"> like Azure AD, Keycloak, AWS Cognito, Google Apps and ADFS, with steps to setup in minutes. Features provided:</span></div><ul class="tw-list-disc tw-pl-5" data-testid="unordered-list"><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Allows you to create or revoke API tokens to better secure and manage your data using REST API calls</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Secures all the Confluence APIs</span></div></li><li><div class="tw-pb-3"><span class=" text-N800 text-base bg-inherit w-fit">Coming soon: IP restriction and cookie-based authentication</span></div></li></ul><div class="tw-pb-3"></div><div class="pt-6"><div class="flex flex-col flex-start padding-[0px] gap-[16px] width-[684px] height-[144px]"><div class="flex flex-col flex-start padding-[16px 8px 8px 0px] gap-[8px] width-[684px] height-[96px]"><span class="flex flex-row items-center padding-[0px] gap-[16px] width-[335px] height-[32px]"><p class="font-semibold text-lg leading-6 width-[221px] height-[25px] ">Was this content helpful?</p><style data-emotion="css rpbnvx">.css-rpbnvx:focus-visible{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}@supports not selector(*:focus-visible){.css-rpbnvx:focus{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}}@media screen and (forced-colors: active),screen and (-ms-high-contrast: active){.css-rpbnvx:focus-visible{outline:1px solid;}}</style><style data-emotion="css 1yeatxf">.css-1yeatxf{-webkit-align-items:baseline;-webkit-box-align:baseline;-ms-flex-align:baseline;align-items:baseline;border-width:0;border-radius:var(--ds-border-radius, 3px);box-sizing:border-box;display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;font-size:inherit;font-style:normal;font-family:inherit;font-weight:500;max-width:100%;position:relative;text-align:center;-webkit-text-decoration:none;text-decoration:none;-webkit-transition:background 0.1s ease-out,box-shadow 0.15s cubic-bezier(0.47, 0.03, 0.49, 1.38);transition:background 0.1s ease-out,box-shadow 0.15s cubic-bezier(0.47, 0.03, 0.49, 1.38);white-space:nowrap;background:var(--ds-background-brand-bold, #0052CC);color:var(--ds-text-inverse, #FFFFFF)!important;cursor:pointer;height:2.2857142857142856em;line-height:2.2857142857142856em;padding:0 10px;vertical-align:middle;width:auto;-webkit-box-pack:center;-ms-flex-pack:center;-webkit-justify-content:center;justify-content:center;}.css-1yeatxf:visited{background:var(--ds-background-brand-bold, #0052CC);color:var(--ds-text-inverse, #FFFFFF)!important;}.css-1yeatxf:hover{background:var(--ds-background-brand-bold-hovered, #0065FF);color:var(--ds-text-inverse, #FFFFFF)!important;-webkit-text-decoration:inherit;text-decoration:inherit;transition-duration:0s,0.15s;}.css-1yeatxf:active{background:var(--ds-background-brand-bold-pressed, #0747A6);color:var(--ds-text-inverse, #FFFFFF)!important;transition-duration:0s,0s;}.css-1yeatxf[data-firefox-is-active="true"]{background:var(--ds-background-brand-bold-pressed, #0747A6);color:var(--ds-text-inverse, #FFFFFF)!important;transition-duration:0s,0s;}.css-1yeatxf[disabled]{background:var(--ds-background-disabled, rgba(9, 30, 66, 0.04));color:var(--ds-text-disabled, #A5ADBA)!important;cursor:not-allowed;-webkit-text-decoration:none;text-decoration:none;}.css-1yeatxf[data-has-overlay="true"]{cursor:default;-webkit-text-decoration:none;text-decoration:none;}.css-1yeatxf[data-has-overlay="true"]:not([disabled]):hover,.css-1yeatxf[data-has-overlay="true"]:not([disabled]):active{background:var(--ds-background-brand-bold, #0052CC);color:var(--ds-text-inverse, #FFFFFF)!important;}.css-1yeatxf::-moz-focus-inner{border:0;margin:0;padding:0;}.css-1yeatxf:focus-visible{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}@supports not selector(*:focus-visible){.css-1yeatxf:focus{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}}@media screen and (forced-colors: active),screen and (-ms-high-contrast: active){.css-1yeatxf:focus-visible{outline:1px solid;}}</style><button class="css-1yeatxf" data-testid="button-primary" tabindex="0" type="button"><style data-emotion="css 178ag6o">.css-178ag6o{opacity:1;-webkit-transition:opacity 0.3s;transition:opacity 0.3s;margin:0 2px;-webkit-box-flex:1;-webkit-flex-grow:1;-ms-flex-positive:1;flex-grow:1;-webkit-flex-shrink:1;-ms-flex-negative:1;flex-shrink:1;overflow:hidden;text-overflow:ellipsis;white-space:nowrap;}</style><span class="css-178ag6o">Yes</span></button><style data-emotion="css rpbnvx">.css-rpbnvx:focus-visible{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}@supports not selector(*:focus-visible){.css-rpbnvx:focus{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}}@media screen and (forced-colors: active),screen and (-ms-high-contrast: active){.css-rpbnvx:focus-visible{outline:1px solid;}}</style><style data-emotion="css 1yeatxf">.css-1yeatxf{-webkit-align-items:baseline;-webkit-box-align:baseline;-ms-flex-align:baseline;align-items:baseline;border-width:0;border-radius:var(--ds-border-radius, 3px);box-sizing:border-box;display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;font-size:inherit;font-style:normal;font-family:inherit;font-weight:500;max-width:100%;position:relative;text-align:center;-webkit-text-decoration:none;text-decoration:none;-webkit-transition:background 0.1s ease-out,box-shadow 0.15s cubic-bezier(0.47, 0.03, 0.49, 1.38);transition:background 0.1s ease-out,box-shadow 0.15s cubic-bezier(0.47, 0.03, 0.49, 1.38);white-space:nowrap;background:var(--ds-background-brand-bold, #0052CC);color:var(--ds-text-inverse, #FFFFFF)!important;cursor:pointer;height:2.2857142857142856em;line-height:2.2857142857142856em;padding:0 10px;vertical-align:middle;width:auto;-webkit-box-pack:center;-ms-flex-pack:center;-webkit-justify-content:center;justify-content:center;}.css-1yeatxf:visited{background:var(--ds-background-brand-bold, #0052CC);color:var(--ds-text-inverse, #FFFFFF)!important;}.css-1yeatxf:hover{background:var(--ds-background-brand-bold-hovered, #0065FF);color:var(--ds-text-inverse, #FFFFFF)!important;-webkit-text-decoration:inherit;text-decoration:inherit;transition-duration:0s,0.15s;}.css-1yeatxf:active{background:var(--ds-background-brand-bold-pressed, #0747A6);color:var(--ds-text-inverse, #FFFFFF)!important;transition-duration:0s,0s;}.css-1yeatxf[data-firefox-is-active="true"]{background:var(--ds-background-brand-bold-pressed, #0747A6);color:var(--ds-text-inverse, #FFFFFF)!important;transition-duration:0s,0s;}.css-1yeatxf[disabled]{background:var(--ds-background-disabled, rgba(9, 30, 66, 0.04));color:var(--ds-text-disabled, #A5ADBA)!important;cursor:not-allowed;-webkit-text-decoration:none;text-decoration:none;}.css-1yeatxf[data-has-overlay="true"]{cursor:default;-webkit-text-decoration:none;text-decoration:none;}.css-1yeatxf[data-has-overlay="true"]:not([disabled]):hover,.css-1yeatxf[data-has-overlay="true"]:not([disabled]):active{background:var(--ds-background-brand-bold, #0052CC);color:var(--ds-text-inverse, #FFFFFF)!important;}.css-1yeatxf::-moz-focus-inner{border:0;margin:0;padding:0;}.css-1yeatxf:focus-visible{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}@supports not selector(*:focus-visible){.css-1yeatxf:focus{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}}@media screen and (forced-colors: active),screen and (-ms-high-contrast: active){.css-1yeatxf:focus-visible{outline:1px solid;}}</style><button class="css-1yeatxf" data-testid="button-primary" tabindex="0" type="button"><style data-emotion="css 178ag6o">.css-178ag6o{opacity:1;-webkit-transition:opacity 0.3s;transition:opacity 0.3s;margin:0 2px;-webkit-box-flex:1;-webkit-flex-grow:1;-ms-flex-positive:1;flex-grow:1;-webkit-flex-shrink:1;-ms-flex-negative:1;flex-shrink:1;overflow:hidden;text-overflow:ellipsis;white-space:nowrap;}</style><span class="css-178ag6o">No</span></button></span></div><span class="flex flex-row items-center padding-[0px] gap-[16px] width-[684px] height-[32px]"><p class="font-semibold text-lg leading-6 width-[324px] height-[25px]">Connect, share, or get additional help</p><style data-emotion="css rpbnvx">.css-rpbnvx:focus-visible{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}@supports not selector(*:focus-visible){.css-rpbnvx:focus{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}}@media screen and (forced-colors: active),screen and (-ms-high-contrast: active){.css-rpbnvx:focus-visible{outline:1px solid;}}</style><style data-emotion="css 1luyhz2">.css-1luyhz2{-webkit-align-items:baseline;-webkit-box-align:baseline;-ms-flex-align:baseline;align-items:baseline;border-width:0;border-radius:var(--ds-border-radius, 3px);box-sizing:border-box;display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;font-size:inherit;font-style:normal;font-family:inherit;font-weight:500;max-width:100%;position:relative;text-align:center;-webkit-text-decoration:none;text-decoration:none;-webkit-transition:background 0.1s ease-out,box-shadow 0.15s cubic-bezier(0.47, 0.03, 0.49, 1.38);transition:background 0.1s ease-out,box-shadow 0.15s cubic-bezier(0.47, 0.03, 0.49, 1.38);white-space:nowrap;background:var(--ds-background-neutral, rgba(9, 30, 66, 0.04));color:var(--ds-text, #42526E)!important;cursor:pointer;height:2.2857142857142856em;line-height:2.2857142857142856em;padding:0 10px;vertical-align:middle;width:auto;-webkit-box-pack:center;-ms-flex-pack:center;-webkit-justify-content:center;justify-content:center;}.css-1luyhz2:visited{background:var(--ds-background-neutral, rgba(9, 30, 66, 0.04));color:var(--ds-text, #42526E)!important;}.css-1luyhz2:hover{background:var(--ds-background-neutral-hovered, rgba(9, 30, 66, 0.08));color:var(--ds-text, #42526E)!important;-webkit-text-decoration:inherit;text-decoration:inherit;transition-duration:0s,0.15s;}.css-1luyhz2:active{background:var(--ds-background-neutral-pressed, rgba(179, 212, 255, 0.6));color:var(--ds-text, #0052CC)!important;transition-duration:0s,0s;}.css-1luyhz2[data-firefox-is-active="true"]{background:var(--ds-background-neutral-pressed, rgba(179, 212, 255, 0.6));color:var(--ds-text, #0052CC)!important;transition-duration:0s,0s;}.css-1luyhz2[disabled]{background:var(--ds-background-disabled, rgba(9, 30, 66, 0.04));color:var(--ds-text-disabled, #A5ADBA)!important;cursor:not-allowed;-webkit-text-decoration:none;text-decoration:none;}.css-1luyhz2[data-has-overlay="true"]{cursor:default;-webkit-text-decoration:none;text-decoration:none;}.css-1luyhz2[data-has-overlay="true"]:not([disabled]):hover,.css-1luyhz2[data-has-overlay="true"]:not([disabled]):active{background:var(--ds-background-neutral, rgba(9, 30, 66, 0.04));color:var(--ds-text, #42526E)!important;}.css-1luyhz2::-moz-focus-inner{border:0;margin:0;padding:0;}.css-1luyhz2:focus-visible{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}@supports not selector(*:focus-visible){.css-1luyhz2:focus{outline:2px solid var(--ds-border-focused, #2684FF);outline-offset:2px;}}@media screen and (forced-colors: active),screen and (-ms-high-contrast: active){.css-1luyhz2:focus-visible{outline:1px solid;}}</style><a class="css-1luyhz2" data-testid="button-default" href="https://community.atlassian.com/" tabindex="0" type="button"><style data-emotion="css 178ag6o">.css-178ag6o{opacity:1;-webkit-transition:opacity 0.3s;transition:opacity 0.3s;margin:0 2px;-webkit-box-flex:1;-webkit-flex-grow:1;-ms-flex-positive:1;flex-grow:1;-webkit-flex-shrink:1;-ms-flex-negative:1;flex-shrink:1;overflow:hidden;text-overflow:ellipsis;white-space:nowrap;}</style><span class="css-178ag6o">Atlassian Community</span></a></span></div></div></article><div class="tw-pt-0 tw-pb-6 lg:tw-pt-28 lg:tw-w-2/6 px-5 md:tw-px-14 lg:tw-pl-7 xl:tw-pr-24 xl:tw-pl-12"><article class=""><hr data-testid="divider" class="bg-N50 " style="height:1px"/><h4 class="text-2xl text-B400 font-semibold my-8">Related links</h4><ul><li class="mb-8"><article class=" py-4 pl-4 pr-8 bg-B50 rounded-r-[100px] hover:shadow-default transition-shadow duration-75 " data-testid="sidemenu-button" role="article"><a target="_blank" href="https://developer.atlassian.com/server/" rel="noopener noreferrer" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer line-clamp-4 font-semibold text-B400" style="word-break:break-word"><span>Atlassian server developer documentation</span></a></article></li><li class="mb-8"><article class=" py-4 pl-4 pr-8 bg-B50 rounded-r-[100px] hover:shadow-default transition-shadow duration-75 " data-testid="sidemenu-button" role="article"><a target="_blank" href="https://community.developer.atlassian.com/" rel="noopener noreferrer" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer line-clamp-4 font-semibold text-B400" style="word-break:break-word"><span>Atlassian Developer Community</span></a></article></li><li class="mb-8"><article class=" py-4 pl-4 pr-8 bg-B50 rounded-r-[100px] hover:shadow-default transition-shadow duration-75 " data-testid="sidemenu-button" role="article"><a target="_blank" href="https://developer.atlassian.com/server/jira/platform/oauth/#authorization-flow" rel="noopener noreferrer" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer line-clamp-4 font-semibold text-B400" style="word-break:break-word"><span>OAuth authorization flow</span></a></article></li></ul></article></div></div><section class="relative overflow-hidden" data-testid="bottom-banner"><div class="wave-top bg-N500 after:wave-top-after after-bg-N0 before:wave-top-before"></div><div class="bg-N500 z-0 pt-12 pb-20 md:py-16 xl:py-14 px-5 md:px-14 xl:px-24 "><div class="grid grid-cols-6 gap-4"><div class="hidden md:block md:col-span-2"><div class="w-full overflow-hidden" data-testid="at-image"><figure><img alt="Bottom banner image" src="https://images.ctfassets.net/5gpmvt00vjd3/6a4gNhPEZz7FZLw6KRu0vS/85552e57762ee5e450784b6eb9e511ca/bottom_banner.png?fm=webp" class="scale-100 mx-auto "/></figure></div></div><div class="col-span-6 md:col-start-3 md:col-span-4 flex flex-col justify-center"><h2 class="font-semibold text-3xl md:text-4xl xl:text-5xl text-N20">Purpose-fit guidance and support to ensure your team's success</h2><h3 class="font-semibold text-base md:text-xl xl:text-2xl text-N20 mt-4 md:mt-8 xl:w-[90%]">Each deployment of Atlassian products is unique, so we offer a breadth of services to design, implement, and optimize solutions for scale.</h3><a target="_blank" href="https://www.atlassian.com/enterprise/services/advisory-services" rel="noopener noreferrer" tabindex="0" class="inline-flex items-center justify-center gap-x-0.5 underline-offset-4 decoration-2 decoration-B300 font-regular hover:text-B300 hover:underline hover:cursor-pointer hover:text-G75 w-fit decoration-G75 mt-4 md:mt-8 text-G75" style="word-break:break-word"><span>Learn More</span><span class="w-fit h-fit inline-flex "><style data-emotion="css 1afrefi">.css-1afrefi{display:inline-block;-webkit-flex-shrink:0;-ms-flex-negative:0;flex-shrink:0;line-height:1;width:24px;height:24px;}.css-1afrefi >svg{overflow:hidden;pointer-events:none;max-width:100%;max-height:100%;color:var(--icon-primary-color);fill:var(--icon-secondary-color);vertical-align:bottom;}.css-1afrefi >svg stop{stop-color:currentColor;}@media screen and (forced-colors: active){.css-1afrefi >svg{-webkit-filter:grayscale(1);filter:grayscale(1);--icon-primary-color:CanvasText;--icon-secondary-color:Canvas;}}.css-1afrefi >svg{width:24px;height:24px;}</style><span data-testid="arrow-right" aria-hidden="true" style="--icon-primary-color:currentColor;--icon-secondary-color:var(--ds-surface, #FFFFFF)" class="css-1afrefi"><svg width="24" height="24" viewBox="0 0 24 24" role="presentation"><path d="M11.793 5.793a.999.999 0 000 1.414L15.586 11H6a1 1 0 000 2h9.586l-3.793 3.793a.999.999 0 000 1.414c.39.39 1.024.39 1.415 0l5.499-5.5a.997.997 0 00.293-.679v-.057a.996.996 0 00-.293-.678l-5.499-5.5a1 1 0 00-1.415 0z" fill="currentColor" fill-rule="evenodd"/></svg></span></span></a></div></div></div></section><div class="tw-col-span-3"></div></main></div><div id="overlay"></div><footer data-testid="footer" class=" bg-N20 z-10"><div class="px-5 m-auto md:px-[70px] max-w-[1280px]"><div class="flex justify-between min-h-[120px] text-N400 text-filter font-medium flex-col md:flex-row items-start md:items-center"><a href="https://www.atlassian.com" class="my-4 md:my-0"><style data-emotion="css 1eu9lrx">.css-1eu9lrx{display:inline-block;position:relative;color:var(--logo-color);fill:var(--logo-fill);line-height:1;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;white-space:normal;height:24px;}.css-1eu9lrx >svg{height:100%;fill:inherit;}</style><span style="--logo-color:inherit;--logo-fill:currentColor" aria-label="Atlassian" role="img" class="css-1eu9lrx"> <svg viewBox="0 0 190 32" height="32" xmlns="http://www.w3.org/2000/svg" focusable="false" aria-hidden="true"> <defs> <linearGradient x1="99.684716%" y1="15.8138128%" x2="39.8444399%" y2="97.4388388%" id="uid668"> <stop stop-color="#344563" offset="0%"></stop> <stop stop-color="#7A869A" offset="100%"></stop> </linearGradient> </defs> <g stroke="none" stroke-width="1" fill="#505F79" > <path fill="url(#uid668)" d="M6.90502605,15.6123193 C6.76436383,15.4302139 6.53773035,15.3340846 6.30742588,15.35884 C6.0771214,15.3835955 5.876643,15.525635 5.7787929,15.7333781 L0.0719979599,27.0218487 C-0.0337056449,27.2310259 -0.0224063827,27.4794358 0.101860917,27.6783741 C0.226128216,27.8773125 0.445645594,27.9984148 0.68202605,27.9984369 L8.62844459,27.9984369 C8.88847261,28.0044096 9.12761649,27.8581627 9.23847268,27.6253781 C10.9526159,24.1210252 9.91378448,18.7926722 6.90502605,15.6123193 Z"></path> <path fill="#7A869A" d="M11.0859556,5.33713587 C8.19309829,9.74089822 7.85921851,15.3267488 10.2073011,20.0371359 L14.0383488,27.6176065 C14.1538739,27.8462194 14.3900332,27.9906411 14.6483769,27.9906653 L22.5933685,27.9906653 C22.829749,27.9906431 23.0492663,27.8695408 23.1735336,27.6706025 C23.2978009,27.4716641 23.3091002,27.2232543 23.2033966,27.014077 C23.2033966,27.014077 12.5147056,5.8619594 12.2460792,5.33290058 C12.1377032,5.11315026 11.9118188,4.97410225 11.6646746,4.97500451 C11.4175304,4.97590676 11.1926893,5.11660025 11.0859556,5.33713587 L11.0859556,5.33713587 Z"></path> <path d="M104.2774,14.3919316 C104.2774,17.1872257 105.588069,19.4065198 110.714802,20.3862846 C113.773504,21.0215787 114.414212,21.5100493 114.414212,22.5187551 C114.414212,23.4985198 113.772077,24.1327551 111.617715,24.1327551 C109.013896,24.0864379 106.462135,23.403307 104.189999,22.1442846 L104.189999,26.6972257 C105.733976,27.4465198 107.772754,28.2822846 111.559566,28.2822846 C116.919251,28.2822846 119.045788,25.9175787 119.045788,22.4033434 M119.045788,22.4033434 C119.045788,19.0892257 117.268858,17.5327551 112.25878,16.4668728 C109.491535,15.8615787 108.821574,15.2566375 108.821574,14.3919316 C108.821574,13.297814 109.811889,12.835814 111.646968,12.835814 C113.860906,12.835814 116.045591,13.4986375 118.113622,14.4208728 L118.113622,10.0691081 C116.130615,9.17615406 113.970906,8.73311319 111.792518,8.7724022 C106.840589,8.7724022 104.2774,10.9048728 104.2774,14.3919316" fill="inherit"></path> <polygon fill="inherit" points="173.129997 9.07000017 173.129997 28.0038825 177.20791 28.0038825 177.20791 13.5657649 178.926691 17.3983531 184.694132 28.0038825 189.820865 28.0038825 189.820865 9.07000017 185.742952 9.07000017 185.742952 21.2891766 184.198975 17.7442355 179.567399 9.07000017"></polygon> <rect fill="inherit" x="142.740005" y="9.07000017" width="4.45677247" height="18.9338824"></rect> <path d="M137.600792,22.4033434 C137.600792,19.0892257 135.823862,17.5327551 130.813784,16.4668728 C128.046539,15.8615787 127.376579,15.2566375 127.376579,14.3919316 C127.376579,13.297814 128.366893,12.835814 130.201972,12.835814 C132.41591,12.835814 134.600595,13.4986375 136.668626,14.4208728 L136.668626,10.0691081 C134.685619,9.17615406 132.52591,8.73311319 130.347522,8.7724022 C125.395593,8.7724022 122.832404,10.9048728 122.832404,14.3919316 C122.832404,17.1872257 124.143073,19.4065198 129.269806,20.3862846 C132.328508,21.0215787 132.969216,21.5100493 132.969216,22.5187551 C132.969216,23.4985198 132.327081,24.1327551 130.172719,24.1327551 C127.568901,24.0864379 125.017139,23.403307 122.745003,22.1442846 L122.745003,26.6972257 C124.28898,27.4465198 126.327758,28.2822846 130.11457,28.2822846 C135.474256,28.2822846 137.600792,25.9175787 137.600792,22.4033434" fill="inherit"></path> <polygon fill="inherit" points="69.6599979 9.07000017 69.6599979 28.0038825 78.8204081 28.0038825 80.2627142 23.9115296 74.1456665 23.9115296 74.1456665 9.07000017"></polygon> <polygon fill="inherit" points="51.5549984 9.07000017 51.5549984 13.1620002 56.5069282 13.1620002 56.5069282 28.0038825 60.9925967 28.0038825 60.9925967 13.1620002 66.2941332 13.1620002 66.2941332 9.07000017"></polygon> <path d="M45.0573091,9.07000017 L39.1785647,9.07000017 L32.5050001,28.0038825 L37.6014102,28.0038825 L38.5474889,24.815059 C40.877531,25.4919503 43.3551322,25.4919503 45.6851743,24.815059 L46.6312529,28.0038825 L51.7287333,28.0038825 L45.0573091,9.07000017 Z M42.1177585,21.4007061 C41.287584,21.4006584 40.4616854,21.2831148 39.6651602,21.0516472 L42.1177585,12.7889413 L44.5703569,21.0544708 C43.7736914,21.2849831 42.9477956,21.4015755 42.1177585,21.4007061 L42.1177585,21.4007061 Z" fill="inherit"></path> <path d="M94.6019534,9.07000017 L88.7235658,9.07000017 L82.0500011,28.0038825 L87.1474815,28.0038825 L88.0935601,24.815059 C90.4236023,25.4919503 92.9012034,25.4919503 95.2312455,24.815059 L96.1773242,28.0038825 L101.274805,28.0038825 L94.6019534,9.07000017 Z M91.6627596,21.4007061 C90.8325851,21.4006584 90.0066865,21.2831148 89.2101613,21.0516472 L91.6627596,12.7889413 L94.1153579,21.0544708 C93.3186924,21.2849831 92.4927966,21.4015755 91.6627596,21.4007061 L91.6627596,21.4007061 Z" fill="inherit"></path> <path d="M163.256954,9.07000017 L157.378566,9.07000017 L150.705002,28.0038825 L155.802482,28.0038825 L156.748561,24.815059 C159.078603,25.4919503 161.556204,25.4919503 163.886246,24.815059 L164.832325,28.0038825 L169.930162,28.0038825 L163.256954,9.07000017 Z M160.315977,21.4007061 C159.485802,21.4006584 158.659903,21.2831148 157.863378,21.0516472 L160.315977,12.7889413 L162.768575,21.0544708 C161.971909,21.2849831 161.146014,21.4015755 160.315977,21.4007061 L160.315977,21.4007061 Z" fill="inherit"></path> </g> </svg></span></a><div><ul class="flex flex-col md:flex-row"><li class="mb-4 md:mb-0 md:inline-block mr-10"><a href="https://www.atlassian.com/legal/privacy-policy">Privacy Policy</a></li><li class="mb-4 md:mb-0 md:inline-block mr-10"><a href="https://www.atlassian.com/legal/cloud-terms-of-service">Terms of Use</a></li><li class="mb-4 md:mb-0 md:inline-block mr-10"><a href="https://www.atlassian.com/security">Security</a></li><li class="mb-4 md:mb-0 md:inline-block before:content-['\A9'] before:mr-1">2025 Atlassian</li></ul></div></div></div></footer></div><script id="__NEXT_DATA__" type="application/json">{"props":{"pageProps":{"CONTENT_TYPE":"pg-page","CONTENTFUL_ID":"6K6XyBgXwDESf9ney5rjIi","slug":"solution-resources/agile-and-devops-ado/platform-administration/how-to-secure-jira-and-confluence-rest-api-calls-in-data-center","name":"Landing Solution Resources","seo":null,"template":{"CONTENT_TYPE":"tm-topic-detail","CONTENTFUL_ID":"1n5vm3JcAkMrSv8IRT6dnp","name":"Template Solution Resources","highlightedTitle":"We’ll show you what works","highlightedSummary":"Choose a topic to get the help your team needs to be successful","banner":{"CONTENT_TYPE":"or-banner","CONTENTFUL_ID":"4lRxuqIMRlCar0MhSDbi43","name":"OrBanner - Template Solution Resources","heading":"Looking for help? We've got answers","summary":"Our guidance will help keep your team moving forward","image":{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"2o0GRSo7S1vZojJ1DlY9PH","name":"Collaboration illustration","caption":null,"format":"webp","width":834,"height":456,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"Banner illustration for solution resources","description":null,"contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/7Dm7Ubrg9ksmrM82Ob2yJ1/8e651017b1dc2d32a119b4262906b359/image.png","size":164861}}},"bottomBanner":{"CONTENT_TYPE":"or-bottom-banner","CONTENTFUL_ID":"7APM2tlrZZ16TMYxovPlQQ","name":"Template resources and paths: Bottom banner ","heading":"Purpose-fit guidance and support to ensure your team's success","summary":"Each deployment of Atlassian products is unique, so we offer a breadth of services to design, implement, and optimize solutions for scale.","link":"https://www.atlassian.com/enterprise/services/advisory-services","buttonLabel":"Learn More","image":{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"38EnEQrxLpDFG6qSSrkGr7","name":"Bottom banner image","caption":null,"format":"webp","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"Bottom banner image","description":null,"contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/6a4gNhPEZz7FZLw6KRu0vS/85552e57762ee5e450784b6eb9e511ca/bottom_banner.png","size":347597}}},"collection":{"CONTENT_TYPE":"sm-solution-resource","CONTENTFUL_ID":"2231224456","name":"Agile \u0026 DevOps (ADO)","title":"Agile \u0026 DevOps (ADO)","slug":"agile-and-devops-ado","seo":null,"teaser":"Our Agile \u0026 DevOps (ADO) solution is the operating system to run a world-class Agile company","summary":"We believe every business needs to become a great software business. Atlassian’s Agile \u0026 DevOps (ADO) solution is the operating system to run a world-class Agile software company from Discovery → Delivery → Operations.","image":{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"57dIx8j0pXBYEPjjEVmSRU","name":"Agile at scale image","caption":null,"format":"webp","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"ml-support illustration","description":null,"contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/4CLpJyit17wyKuH1QxXobD/18b15b30b47fb323a8521601d17a8e95/ml-support_illustration.png","size":73360}},"cardImage":{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"11mE5yWcTXXxv1Qaubmxe9","name":"AtImage: Integration Puzzle","caption":null,"format":"webp","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"Integration Puzzle","description":null,"contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/2s8exAc2uKfNHH0Y24mMEx/8db84ce98710bab52089a5ea77655360/e5db2534b38e39ca895eb091295096d5","size":14577}},"topicSets":[{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"2a6Bvzc8sLCAC4CcgI3Hph","name":"Agile at Scale Practices ","title":"Agile at Scale Practices","slug":"agile-at-scale-practices","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"This section focuses on best practices and implementation tools for following agile practices at a large scale. Teams that can successfully perform agile at scale are able to weather any storm, handle any new demand, and treat challenges as non-events. The definition of “scale” will vary by team, department, and company, but these articles cover topics for a range of sizes and maturity levels.","teaser":"Focus in on best practices and implementation tools you'll need to sharpen your skills and processes by following agile practices at a large scale ","overview":"These articles mostly benefit you if you’re feeling explicit pain, or if you are early in your Atlassian Customer Service \u0026 Innovation (CSI) relationship. We know you need to be good at the soft skills, process, and practice with a certain level of durability in order to effectively operate for a large business. This section will help get you there.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"J3qKjEnDCDPmCVDzhxIt4","name":"Defining a vision and creating a value proposition","title":"Defining a vision and creating a value proposition","slug":"defining-a-vision-and-creating-a-value-proposition","seo":null,"teaser":"Learn the steps for driving effective adoption by getting the most out of your Jira and/or Trello tools to define a vision and create a value proposition","contentTypes":["Practice"],"deployments":["Cloud","Data Center and Server"],"products":null,"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1YtX4QGVM4vADif1u93wKn","name":"How to kick start an Atlassian Governance Board","title":"How to kick start an Atlassian Governance Board","slug":"how-to-kick-start-an-atlassian-governance-board","seo":null,"teaser":"Learn best practices for establishing governance and setting up an Atlassian Governance Board","contentTypes":["Overview","How-to"],"deployments":["Cloud","Data Center and Server"],"products":null,"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"55AE2P8yeauq2DuJSSvaoT","name":"How to establish app governance","title":"How to establish app governance","slug":"how-to-establish-app-governance","seo":null,"teaser":"Learn the steps to establish application governance of your Atlassian products and Marketplace apps","contentTypes":["How-to"],"deployments":["Cloud","Data Center and Server"],"products":null,"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4zcoQREAXqgBkxVjly4GTw","name":"Jira custom fields governance","title":"Jira custom fields governance","slug":"jira-custom-fields-governance","seo":null,"teaser":"Use these best practices for new custom field creation, identification, and cleanup with respect Jira custom fields governance","contentTypes":["How-to"],"deployments":["Data Center and Server","Cloud"],"products":["Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7kRVgfZp2kV7X1OtrA6NaN","name":"Shared goals, signals, and measures for your governance board","title":"Shared goals, signals, and measures for your governance board","slug":"shared-goals-signals-and-measures-for-your-governance-board","seo":null,"teaser":"Refine your governance board practices with these shared goals, signals, and measures ","contentTypes":["Overview"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Align","Jira Software","Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1lLqMT8PJNl7ekGb9wZOjc","name":"Team-managed and company-managed projects","title":"Team-managed and company-managed projects","slug":"team-managed-and-company-managed-projects","seo":null,"teaser":"Understand key differences between team-managed and company-managed projects to decide what's right for your team","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false}]},{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"4TUeEfR5D2zl7HqgShmfrs","name":"Product-Specific Guidance","title":"Product-Specific Guidance","slug":"product-specific-guidance","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"This section provides you with comparisons of Atlassian products to one another and some useful guides to overcome common problems teams usually encounter. The product comparison articles take a step back and look at the big picture to help you assess which is best for you (and when). The guides compare different solutions to common problems so you can make an informed decision about how to solve a specific problem.","teaser":"Compare Atlassian products to one another by using these helpful guides to address common problems, activities, and analytics teams typically encounter ","overview":"These articles provide product-specific, narrowly-focused, advice on best practices and strategies for solving common problems.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"6Qa02rPM1yvtNsqswEdVmn","name":"All the ways to serve videos from Confluence Data Center","title":"All the ways to serve videos from Confluence Data Center","slug":"all-the-ways-to-serve-videos-from-confluence-data-center","seo":null,"teaser":"Consider the multiple options and methods for serving videos from Confluence Data Center","contentTypes":["Overview"],"deployments":["Data Center and Server"],"products":["Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7rCUXG3vqwJj9Viri06EsD","name":"Atlassian Data Lake \u0026 Analytics overview","title":"Atlassian Data Lake \u0026 Analytics overview","slug":"atlassian-data-lake-and-analytics-overview","seo":null,"teaser":"Learn how get the most out of analytics modeling and reporting using Atlassian Data Lake and Atlassian Analytics platform tools ","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Atlassian Analytics"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"LgG58MXu5PB5OXB0uDql6","name":"How to prepare for Jira Align in Jira","title":"How to prepare for Jira Align in Jira","slug":"how-to-prepare-for-jira-align-in-jira","seo":null,"teaser":"Learn recommendations and the steps involved to prepare for Jira Align in your current Jira instance","contentTypes":["How-to"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Align","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"368Xf0r3YZkGQMyi6ofRXv","name":"Jira Align EAP vs. Labs","title":"Jira Align EAP vs. Labs","slug":"jira-align-eap-vs-labs","seo":null,"teaser":"Understand the key differences between Jira Align Early Access Program (EAP), and Jira Align Labs","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Jira Align"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"2zMwYuvModgwjTzyCtxuSE","name":"Jira Agile apps and Jira Align comparison","title":"Jira Agile apps and Jira Align comparison","slug":"jira-agile-apps-and-jira-align-comparison","seo":null,"teaser":"Understand the different agile-at-scale use cases by comparing Jira Agile applications with Jira Align for your agile planning product considerations","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Align","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"VW5kZXJzdGFuZGluZyBGZWF0dXJlIFJlcXVlc3RzLCBCdWcgZml4ZXMgYW5kIF","name":"How we prioritize feature requests, bug fixes, and security fixes","title":"How we prioritize feature requests, bug fixes, and security fixes","slug":"how-we-prioritize-feature-requests-bug-fixes-and-security-fixes","seo":null,"teaser":"A guide to understanding jira.atlassian.com workflows and statuses","contentTypes":["Overview"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Service Management","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"SW5hY3RpdmUgdXNlciBjbGVhbi11cCBmb3IgSmlyYSwgQ29uZmx1ZW5jZSAmIE","name":"Inactive user clean-up for Jira, Confluence, and Bitbucket","title":"Inactive user clean-up for Jira, Confluence, and Bitbucket","slug":"inactive-user-clean-up-for-jira-confluence-and-bitbucket","seo":null,"teaser":"Maintain control of your user directory","contentTypes":["Overview"],"deployments":["Data Center and Server"],"products":["Jira Service Management","Bitbucket","Confluence","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"22WEZTRPugDyVNessG8evN","name":"Monolithic Bitbucket deployment guidance","title":"Monolithic Bitbucket deployment guidance","slug":"monolithic-bitbucket-deployment-guidance","seo":null,"teaser":"Get detailed architectural guidelines for larger scale, monolithic Bitbucket deployments","contentTypes":["Overview"],"deployments":["Data Center and Server"],"products":["Bitbucket"],"new":false}]},{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"6rC2ZytJDgNTy3utpCCmMo","name":"Agile and Operations Performance ","title":"Agile and Operations Performance ","slug":"performance-ado","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"Performance in Agile and DevOps might seem like a conflicting story, but it's not. Agile performance management is a collaborative, continuous feedback, development practice informed by agile principles and processes. This is very similar to the performance requirements hidden in the promise of DevOps — shipping higher quality products, faster. To do that, teams need to collect, analyze, and measure numerous metrics. It's all about iteration, no matter which team you're on!","teaser":"Improve your Confluence, Jira, Bitbucket, or server configuration performance by making impactful changes to increase your system’s efficiency","overview":"These articles focus on big changes you can make to tweak your system’s efficiency. These are the big levers to pull when you want to improve Confluence, Jira, Bitbucket, or your server configuration performance.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"64xVAkFrWhRWbp9Ojsc8ts","name":"Bitbucket metrics","title":"Bitbucket metrics","slug":"bitbucket-metrics","seo":null,"teaser":"Get the most out of Bitbucket by understanding the outcome you're trying to achieve, then examining key insights in order to make key decisions","contentTypes":["Overview"],"deployments":["Data Center and Server","Cloud"],"products":["Bitbucket"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4zVDvHZpDHEyVuFJBRdlWh","name":"Confluence organization and clean up recommendations","title":"Confluence organization and clean up recommendations","slug":"confluence-organization-and-clean-up-recommendations","seo":null,"teaser":"Improve your content structure by analyzing your current state and employing recommended organizational and cleanup practices for your Confluence instance","contentTypes":["Practice"],"deployments":["Cloud","Data Center and Server"],"products":["Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"Z7h5BcckuxToi820lMi2M","name":"Load, performance, and stress testing considerations","title":"Load, performance, and stress testing considerations","slug":"load-performance-stress-testing-considerations","seo":null,"teaser":"Understand key considerations in designing and building load, performance, and stress tests to validate scalability","contentTypes":["Practice"],"deployments":["Data Center and Server"],"products":["Jira Service Management","Jira Product Discovery","Jira Software","Jira Align","Confluence","Opsgenie","Statuspage","Bitbucket","Fisheye","Bamboo","Sourcetree","Crucible","Crowd"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4BiUIT43qqa8LbbPzoMQ0q","name":"Managing attachment growth in Jira and Confluence","title":"Managing attachment growth in Jira and Confluence","slug":"managing-attachment-growth-in-jira-and-confluence","seo":null,"teaser":"Learn best practices for how to manage increasing attachments in your Jira and Confluence instances","contentTypes":["Practice"],"deployments":["Cloud","Data Center and Server"],"products":["Confluence","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7qcMkVeKp7unPB6CZGIfA4","name":"How to take thread dumps and analyze them","title":"How to take thread dumps and analyze them","slug":"how-to-take-thread-dumps-and-analyze-them","seo":null,"teaser":"Learn how to address issues quickly with thread dump collection and analysis","contentTypes":["How-to"],"deployments":["Data Center and Server"],"products":["Bitbucket","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"QW5hbHl0aWNzIDEwMSBHdWlkZQ","name":"Analytics 101","title":"Analytics 101","slug":"analytics-101","seo":null,"teaser":"Learn the steps to get started with Atlassian Analytics","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Jira Service Management","Jira Software","Jira Work Management","Atlassian Analytics","Confluence"],"new":false}]},{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"1uqWsN2oWpCI6eEkS4apli","name":"Sprint Reporting","title":"Sprint Reporting","slug":"sprint-reporting","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"These best practices help you gather and monitoring metrics related to sprints. After you have your foundational sprint ceremonies and roles established, these tools and systems will help you take your teams output performance to the next level.","teaser":"Learn ways to optimize your sprint analysis and reporting, plus agile planning and preparation activities, to help increase your team's output performance","overview":"Many teams know about the basics of agile methods, but obtaining statistics, interpreting them in useful ways, and introducing solutions based on that data help unleash the potential of every team.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7dXcRQhAvMdVnqBJurrG92","name":"Advanced Roadmaps introduction and available resources","title":"Advanced Roadmaps introduction and available resources","slug":"advanced-roadmaps-introduction-and-available-resources","seo":null,"teaser":"Get the big-picture overview of Advanced Roadmaps for Jira with complete list of available resources","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4cIk32RtBZkx0ZKmzjRZf4","name":"General overview of agile metrics","title":"General overview of agile metrics","slug":"general-overview-agile-metrics","seo":null,"teaser":"Get a basic understanding of agile metrics, plus recommendations, typical metrics, and example reports","contentTypes":["Overview"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"QWQWpBAxXEKNxxGun2jdt","name":"Preparing for Advanced Roadmaps","title":"Preparing for Advanced Roadmaps","slug":"preparing-for-advanced-roadmaps","seo":null,"teaser":"Understand the impact of Jira activity on your roadmap to help in planning an effective Advanced Roadmaps rollout","contentTypes":["How-to"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false}]},{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"3S8ilDr4BKno5uAB4RXNLI","name":"Platform Administration","title":"Platform Administration","slug":"platform-administration","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"Whether you’re onboarding new team members, modifying current permissions, off-boarding people, or anything in-between, this section teaches you how to best use the tools available. The articles cover topics like product access, teams versus individuals, and automated onboarding.","teaser":"Learn recommended methods to smoothly manage your users, as well as how to implement automated practices using available tools in the most efficient way possible","overview":"These articles explain both the best ways to smoothly manage your users, as well as how to implement automated practices. Insightful diagrams help explain difficult concepts in an easy to consume format.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"2B7C7JdbJHVbCPXdqMuiHa","name":"Automatic user (de)provisioning in cloud","title":"Automatic user (de)provisioning in cloud","slug":"automatic-user-de-provisioning-in-cloud","seo":null,"teaser":"Understand the technical considerations in preparation for deploying automatic user (de)provisioning in cloud","contentTypes":["How-to"],"deployments":["Cloud"],"products":["Atlassian Access"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"mFPZMWgfp9f5dTzBu3Cxa","name":"Atlassian Access APIs and user provisioning","title":"Atlassian Access APIs and user provisioning","slug":"atlassian-access-apis-and-user-provisioning","seo":null,"teaser":"Understand key terms associated with user provisioning when working with Atlassian Access APIs","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Atlassian Access"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4fc0EkJzUYCWXbpFWAYswC","name":"How to secure Jira and Confluence REST API calls in Data Center","title":"How to secure Jira and Confluence REST API calls in Data Center","slug":"how-to-secure-jira-and-confluence-rest-api-calls-in-data-center","seo":null,"teaser":"Learn recommended methods for securing Jira and Confluence REST API calls in Data Center","contentTypes":["How-to"],"deployments":["Data Center and Server"],"products":["Jira Software","Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"5XcjneRRcQT1V3eUvnmuWB","name":"Managing external users/contractors in the cloud","title":"Managing external users/contractors in the cloud","slug":"managing-external-users-contractors-in-a-cloud-world","seo":null,"teaser":"Understand various Atlassian user accounts and how to manage external users/contractors in a Cloud environment","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Atlassian Access","Atlassian Analytics","Confluence","Opsgenie","Statuspage","Bitbucket","Fisheye","Bamboo","Sourcetree","Crucible","Crowd","Trello","Atlas","Halp","Compass","Jira Service Management","Jira Product Discovery","Jira Software","Jira Align","Jira Work Management"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"30H354bY2veqzgq0kvJQwQ","name":"Setting up the GitLab and Jira DVCS connector","title":"Setting up the GitLab and Jira DVCS connector","slug":"setting-up-gitlab-and-jira-dvcs-connector","seo":null,"teaser":"Understand the mechanics behind the GitLab and Jira DVCS connector and how to set it up","contentTypes":["How-to"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7crKK8U0j8qqZHkqMR7Hwh","name":"Best practices for plugin and script development","title":"Best practices for plugin and script development","slug":"best-practices-for-plugin-and-script-development","seo":null,"teaser":"Learn how to employ recommended best practices for plugin and script development","contentTypes":["Overview"],"deployments":["Data Center and Server"],"products":["Jira Software","Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7t7WbB81FDcBOqxDTWAdLZ","name":"Infrastructure upgrades and patch management downtime","title":"Infrastructure upgrades and patch management downtime","slug":"infrastructure-upgrades-and-patch-management-downtime","seo":null,"teaser":"Understand approaches to infrastructure upgrades and best practices for patch management downtime","contentTypes":["Reference"],"deployments":["Data Center and Server"],"products":["Jira Software","Jira Service Management","Confluence","Bitbucket","Fisheye","Bamboo","Sourcetree","Crucible","Crowd"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1RlJQ3m7PMf49UDvJoO1PW","name":"Shared storage for Atlassian Data Center tools","title":"Shared storage for Atlassian Data Center tools","slug":"shared-storage-for-atlassian-tools","seo":null,"teaser":"Learn about available solutions and troubleshooting tips and considerations when designing shared storage for your Atlassian Data Center tools","contentTypes":["Practice"],"deployments":["Data Center and Server"],"products":["Confluence","Bitbucket","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"SG93IHRvIERlbGV0ZSBZb3VyIFNpdGUgJiBDYW5jZWwgWW91ciBTdWJzY3JpcH","name":"What to do when you discover an unauthorized site or product","title":"What to do when you discover an unauthorized site or product","slug":"what-to-do-when-you-discover-an-unauthorized-site-or-product","seo":null,"teaser":"Steps to take when you discover an unauthorized site or product","contentTypes":["Overview"],"deployments":null,"products":null,"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"SW1wbGVtZW50aW5nIGEgYnJlYWsgZ2xhc3MgU1NPIGJ5cGFzcyB3aXRoIEF0bG","name":"Implementing a break glass SSO bypass with Atlassian Access","title":"Implementing a break glass SSO bypass with Atlassian Access","slug":"implementing-a-break-glass-sso-bypass-with-atlassian-access","seo":null,"teaser":"Ensure users can always access their Atlassian account","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Jira Service Management","Atlassian Access"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"TGV0IEF0bGFzc2lhbiBDZXJ0aWZpY2F0aW9ucyBSZWluZm9yY2UgWW91ciBDYX","name":"Validate your expertise and advance your career with Atlassian certifications","title":"Validate your expertise and advance your career with Atlassian certifications","slug":"validate-your-expertise-and-advance-your-career-with-atlassian","seo":null,"teaser":"Learn how Atlassian certifications can advance your career","contentTypes":null,"deployments":["Cloud","Data Center and Server"],"products":["Jira Service Management","Confluence","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1b8Vj6fZS1wNmkwPV32iXS","name":"Atlassian training options","title":"Atlassian training options","slug":"atlassian-training-options","seo":null,"teaser":"Learn which Atlassian training options are available, get answers to FAQs, and find out how to get started","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false}]}]},"topicSet":{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"3S8ilDr4BKno5uAB4RXNLI","name":"Platform Administration","title":"Platform Administration","slug":"platform-administration","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"Whether you’re onboarding new team members, modifying current permissions, off-boarding people, or anything in-between, this section teaches you how to best use the tools available. The articles cover topics like product access, teams versus individuals, and automated onboarding.","teaser":"Learn recommended methods to smoothly manage your users, as well as how to implement automated practices using available tools in the most efficient way possible","overview":"These articles explain both the best ways to smoothly manage your users, as well as how to implement automated practices. Insightful diagrams help explain difficult concepts in an easy to consume format.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"2B7C7JdbJHVbCPXdqMuiHa","name":"Automatic user (de)provisioning in cloud","title":"Automatic user (de)provisioning in cloud","slug":"automatic-user-de-provisioning-in-cloud","seo":null,"teaser":"Understand the technical considerations in preparation for deploying automatic user (de)provisioning in cloud","contentTypes":["How-to"],"deployments":["Cloud"],"products":["Atlassian Access"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"mFPZMWgfp9f5dTzBu3Cxa","name":"Atlassian Access APIs and user provisioning","title":"Atlassian Access APIs and user provisioning","slug":"atlassian-access-apis-and-user-provisioning","seo":null,"teaser":"Understand key terms associated with user provisioning when working with Atlassian Access APIs","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Atlassian Access"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4fc0EkJzUYCWXbpFWAYswC","name":"How to secure Jira and Confluence REST API calls in Data Center","title":"How to secure Jira and Confluence REST API calls in Data Center","slug":"how-to-secure-jira-and-confluence-rest-api-calls-in-data-center","seo":null,"teaser":"Learn recommended methods for securing Jira and Confluence REST API calls in Data Center","contentTypes":["How-to"],"deployments":["Data Center and Server"],"products":["Jira Software","Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"5XcjneRRcQT1V3eUvnmuWB","name":"Managing external users/contractors in the cloud","title":"Managing external users/contractors in the cloud","slug":"managing-external-users-contractors-in-a-cloud-world","seo":null,"teaser":"Understand various Atlassian user accounts and how to manage external users/contractors in a Cloud environment","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Atlassian Access","Atlassian Analytics","Confluence","Opsgenie","Statuspage","Bitbucket","Fisheye","Bamboo","Sourcetree","Crucible","Crowd","Trello","Atlas","Halp","Compass","Jira Service Management","Jira Product Discovery","Jira Software","Jira Align","Jira Work Management"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"30H354bY2veqzgq0kvJQwQ","name":"Setting up the GitLab and Jira DVCS connector","title":"Setting up the GitLab and Jira DVCS connector","slug":"setting-up-gitlab-and-jira-dvcs-connector","seo":null,"teaser":"Understand the mechanics behind the GitLab and Jira DVCS connector and how to set it up","contentTypes":["How-to"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7crKK8U0j8qqZHkqMR7Hwh","name":"Best practices for plugin and script development","title":"Best practices for plugin and script development","slug":"best-practices-for-plugin-and-script-development","seo":null,"teaser":"Learn how to employ recommended best practices for plugin and script development","contentTypes":["Overview"],"deployments":["Data Center and Server"],"products":["Jira Software","Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7t7WbB81FDcBOqxDTWAdLZ","name":"Infrastructure upgrades and patch management downtime","title":"Infrastructure upgrades and patch management downtime","slug":"infrastructure-upgrades-and-patch-management-downtime","seo":null,"teaser":"Understand approaches to infrastructure upgrades and best practices for patch management downtime","contentTypes":["Reference"],"deployments":["Data Center and Server"],"products":["Jira Software","Jira Service Management","Confluence","Bitbucket","Fisheye","Bamboo","Sourcetree","Crucible","Crowd"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1RlJQ3m7PMf49UDvJoO1PW","name":"Shared storage for Atlassian Data Center tools","title":"Shared storage for Atlassian Data Center tools","slug":"shared-storage-for-atlassian-tools","seo":null,"teaser":"Learn about available solutions and troubleshooting tips and considerations when designing shared storage for your Atlassian Data Center tools","contentTypes":["Practice"],"deployments":["Data Center and Server"],"products":["Confluence","Bitbucket","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"SG93IHRvIERlbGV0ZSBZb3VyIFNpdGUgJiBDYW5jZWwgWW91ciBTdWJzY3JpcH","name":"What to do when you discover an unauthorized site or product","title":"What to do when you discover an unauthorized site or product","slug":"what-to-do-when-you-discover-an-unauthorized-site-or-product","seo":null,"teaser":"Steps to take when you discover an unauthorized site or product","contentTypes":["Overview"],"deployments":null,"products":null,"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"SW1wbGVtZW50aW5nIGEgYnJlYWsgZ2xhc3MgU1NPIGJ5cGFzcyB3aXRoIEF0bG","name":"Implementing a break glass SSO bypass with Atlassian Access","title":"Implementing a break glass SSO bypass with Atlassian Access","slug":"implementing-a-break-glass-sso-bypass-with-atlassian-access","seo":null,"teaser":"Ensure users can always access their Atlassian account","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Jira Service Management","Atlassian Access"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"TGV0IEF0bGFzc2lhbiBDZXJ0aWZpY2F0aW9ucyBSZWluZm9yY2UgWW91ciBDYX","name":"Validate your expertise and advance your career with Atlassian certifications","title":"Validate your expertise and advance your career with Atlassian certifications","slug":"validate-your-expertise-and-advance-your-career-with-atlassian","seo":null,"teaser":"Learn how Atlassian certifications can advance your career","contentTypes":null,"deployments":["Cloud","Data Center and Server"],"products":["Jira Service Management","Confluence","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1b8Vj6fZS1wNmkwPV32iXS","name":"Atlassian training options","title":"Atlassian training options","slug":"atlassian-training-options","seo":null,"teaser":"Learn which Atlassian training options are available, get answers to FAQs, and find out how to get started","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false}]},"solutionPath":null,"solutionResource":{"CONTENT_TYPE":"sm-solution-resource","CONTENTFUL_ID":"2231224456","name":"Agile \u0026 DevOps (ADO)","title":"Agile \u0026 DevOps (ADO)","slug":"agile-and-devops-ado","seo":null,"teaser":"Our Agile \u0026 DevOps (ADO) solution is the operating system to run a world-class Agile company","summary":"We believe every business needs to become a great software business. Atlassian’s Agile \u0026 DevOps (ADO) solution is the operating system to run a world-class Agile software company from Discovery → Delivery → Operations.","image":{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"57dIx8j0pXBYEPjjEVmSRU","name":"Agile at scale image","caption":null,"format":"webp","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"ml-support illustration","description":null,"contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/4CLpJyit17wyKuH1QxXobD/18b15b30b47fb323a8521601d17a8e95/ml-support_illustration.png","size":73360}},"cardImage":{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"11mE5yWcTXXxv1Qaubmxe9","name":"AtImage: Integration Puzzle","caption":null,"format":"webp","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"Integration Puzzle","description":null,"contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/2s8exAc2uKfNHH0Y24mMEx/8db84ce98710bab52089a5ea77655360/e5db2534b38e39ca895eb091295096d5","size":14577}},"topicSets":[{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"2a6Bvzc8sLCAC4CcgI3Hph","name":"Agile at Scale Practices ","title":"Agile at Scale Practices","slug":"agile-at-scale-practices","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"This section focuses on best practices and implementation tools for following agile practices at a large scale. Teams that can successfully perform agile at scale are able to weather any storm, handle any new demand, and treat challenges as non-events. The definition of “scale” will vary by team, department, and company, but these articles cover topics for a range of sizes and maturity levels.","teaser":"Focus in on best practices and implementation tools you'll need to sharpen your skills and processes by following agile practices at a large scale ","overview":"These articles mostly benefit you if you’re feeling explicit pain, or if you are early in your Atlassian Customer Service \u0026 Innovation (CSI) relationship. We know you need to be good at the soft skills, process, and practice with a certain level of durability in order to effectively operate for a large business. This section will help get you there.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"J3qKjEnDCDPmCVDzhxIt4","name":"Defining a vision and creating a value proposition","title":"Defining a vision and creating a value proposition","slug":"defining-a-vision-and-creating-a-value-proposition","seo":null,"teaser":"Learn the steps for driving effective adoption by getting the most out of your Jira and/or Trello tools to define a vision and create a value proposition","contentTypes":["Practice"],"deployments":["Cloud","Data Center and Server"],"products":null,"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1YtX4QGVM4vADif1u93wKn","name":"How to kick start an Atlassian Governance Board","title":"How to kick start an Atlassian Governance Board","slug":"how-to-kick-start-an-atlassian-governance-board","seo":null,"teaser":"Learn best practices for establishing governance and setting up an Atlassian Governance Board","contentTypes":["Overview","How-to"],"deployments":["Cloud","Data Center and Server"],"products":null,"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"55AE2P8yeauq2DuJSSvaoT","name":"How to establish app governance","title":"How to establish app governance","slug":"how-to-establish-app-governance","seo":null,"teaser":"Learn the steps to establish application governance of your Atlassian products and Marketplace apps","contentTypes":["How-to"],"deployments":["Cloud","Data Center and Server"],"products":null,"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4zcoQREAXqgBkxVjly4GTw","name":"Jira custom fields governance","title":"Jira custom fields governance","slug":"jira-custom-fields-governance","seo":null,"teaser":"Use these best practices for new custom field creation, identification, and cleanup with respect Jira custom fields governance","contentTypes":["How-to"],"deployments":["Data Center and Server","Cloud"],"products":["Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7kRVgfZp2kV7X1OtrA6NaN","name":"Shared goals, signals, and measures for your governance board","title":"Shared goals, signals, and measures for your governance board","slug":"shared-goals-signals-and-measures-for-your-governance-board","seo":null,"teaser":"Refine your governance board practices with these shared goals, signals, and measures ","contentTypes":["Overview"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Align","Jira Software","Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1lLqMT8PJNl7ekGb9wZOjc","name":"Team-managed and company-managed projects","title":"Team-managed and company-managed projects","slug":"team-managed-and-company-managed-projects","seo":null,"teaser":"Understand key differences between team-managed and company-managed projects to decide what's right for your team","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false}]},{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"4TUeEfR5D2zl7HqgShmfrs","name":"Product-Specific Guidance","title":"Product-Specific Guidance","slug":"product-specific-guidance","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"This section provides you with comparisons of Atlassian products to one another and some useful guides to overcome common problems teams usually encounter. The product comparison articles take a step back and look at the big picture to help you assess which is best for you (and when). The guides compare different solutions to common problems so you can make an informed decision about how to solve a specific problem.","teaser":"Compare Atlassian products to one another by using these helpful guides to address common problems, activities, and analytics teams typically encounter ","overview":"These articles provide product-specific, narrowly-focused, advice on best practices and strategies for solving common problems.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"6Qa02rPM1yvtNsqswEdVmn","name":"All the ways to serve videos from Confluence Data Center","title":"All the ways to serve videos from Confluence Data Center","slug":"all-the-ways-to-serve-videos-from-confluence-data-center","seo":null,"teaser":"Consider the multiple options and methods for serving videos from Confluence Data Center","contentTypes":["Overview"],"deployments":["Data Center and Server"],"products":["Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7rCUXG3vqwJj9Viri06EsD","name":"Atlassian Data Lake \u0026 Analytics overview","title":"Atlassian Data Lake \u0026 Analytics overview","slug":"atlassian-data-lake-and-analytics-overview","seo":null,"teaser":"Learn how get the most out of analytics modeling and reporting using Atlassian Data Lake and Atlassian Analytics platform tools ","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Atlassian Analytics"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"LgG58MXu5PB5OXB0uDql6","name":"How to prepare for Jira Align in Jira","title":"How to prepare for Jira Align in Jira","slug":"how-to-prepare-for-jira-align-in-jira","seo":null,"teaser":"Learn recommendations and the steps involved to prepare for Jira Align in your current Jira instance","contentTypes":["How-to"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Align","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"368Xf0r3YZkGQMyi6ofRXv","name":"Jira Align EAP vs. Labs","title":"Jira Align EAP vs. Labs","slug":"jira-align-eap-vs-labs","seo":null,"teaser":"Understand the key differences between Jira Align Early Access Program (EAP), and Jira Align Labs","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Jira Align"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"2zMwYuvModgwjTzyCtxuSE","name":"Jira Agile apps and Jira Align comparison","title":"Jira Agile apps and Jira Align comparison","slug":"jira-agile-apps-and-jira-align-comparison","seo":null,"teaser":"Understand the different agile-at-scale use cases by comparing Jira Agile applications with Jira Align for your agile planning product considerations","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Align","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"VW5kZXJzdGFuZGluZyBGZWF0dXJlIFJlcXVlc3RzLCBCdWcgZml4ZXMgYW5kIF","name":"How we prioritize feature requests, bug fixes, and security fixes","title":"How we prioritize feature requests, bug fixes, and security fixes","slug":"how-we-prioritize-feature-requests-bug-fixes-and-security-fixes","seo":null,"teaser":"A guide to understanding jira.atlassian.com workflows and statuses","contentTypes":["Overview"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Service Management","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"SW5hY3RpdmUgdXNlciBjbGVhbi11cCBmb3IgSmlyYSwgQ29uZmx1ZW5jZSAmIE","name":"Inactive user clean-up for Jira, Confluence, and Bitbucket","title":"Inactive user clean-up for Jira, Confluence, and Bitbucket","slug":"inactive-user-clean-up-for-jira-confluence-and-bitbucket","seo":null,"teaser":"Maintain control of your user directory","contentTypes":["Overview"],"deployments":["Data Center and Server"],"products":["Jira Service Management","Bitbucket","Confluence","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"22WEZTRPugDyVNessG8evN","name":"Monolithic Bitbucket deployment guidance","title":"Monolithic Bitbucket deployment guidance","slug":"monolithic-bitbucket-deployment-guidance","seo":null,"teaser":"Get detailed architectural guidelines for larger scale, monolithic Bitbucket deployments","contentTypes":["Overview"],"deployments":["Data Center and Server"],"products":["Bitbucket"],"new":false}]},{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"6rC2ZytJDgNTy3utpCCmMo","name":"Agile and Operations Performance ","title":"Agile and Operations Performance ","slug":"performance-ado","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"Performance in Agile and DevOps might seem like a conflicting story, but it's not. Agile performance management is a collaborative, continuous feedback, development practice informed by agile principles and processes. This is very similar to the performance requirements hidden in the promise of DevOps — shipping higher quality products, faster. To do that, teams need to collect, analyze, and measure numerous metrics. It's all about iteration, no matter which team you're on!","teaser":"Improve your Confluence, Jira, Bitbucket, or server configuration performance by making impactful changes to increase your system’s efficiency","overview":"These articles focus on big changes you can make to tweak your system’s efficiency. These are the big levers to pull when you want to improve Confluence, Jira, Bitbucket, or your server configuration performance.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"64xVAkFrWhRWbp9Ojsc8ts","name":"Bitbucket metrics","title":"Bitbucket metrics","slug":"bitbucket-metrics","seo":null,"teaser":"Get the most out of Bitbucket by understanding the outcome you're trying to achieve, then examining key insights in order to make key decisions","contentTypes":["Overview"],"deployments":["Data Center and Server","Cloud"],"products":["Bitbucket"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4zVDvHZpDHEyVuFJBRdlWh","name":"Confluence organization and clean up recommendations","title":"Confluence organization and clean up recommendations","slug":"confluence-organization-and-clean-up-recommendations","seo":null,"teaser":"Improve your content structure by analyzing your current state and employing recommended organizational and cleanup practices for your Confluence instance","contentTypes":["Practice"],"deployments":["Cloud","Data Center and Server"],"products":["Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"Z7h5BcckuxToi820lMi2M","name":"Load, performance, and stress testing considerations","title":"Load, performance, and stress testing considerations","slug":"load-performance-stress-testing-considerations","seo":null,"teaser":"Understand key considerations in designing and building load, performance, and stress tests to validate scalability","contentTypes":["Practice"],"deployments":["Data Center and Server"],"products":["Jira Service Management","Jira Product Discovery","Jira Software","Jira Align","Confluence","Opsgenie","Statuspage","Bitbucket","Fisheye","Bamboo","Sourcetree","Crucible","Crowd"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4BiUIT43qqa8LbbPzoMQ0q","name":"Managing attachment growth in Jira and Confluence","title":"Managing attachment growth in Jira and Confluence","slug":"managing-attachment-growth-in-jira-and-confluence","seo":null,"teaser":"Learn best practices for how to manage increasing attachments in your Jira and Confluence instances","contentTypes":["Practice"],"deployments":["Cloud","Data Center and Server"],"products":["Confluence","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7qcMkVeKp7unPB6CZGIfA4","name":"How to take thread dumps and analyze them","title":"How to take thread dumps and analyze them","slug":"how-to-take-thread-dumps-and-analyze-them","seo":null,"teaser":"Learn how to address issues quickly with thread dump collection and analysis","contentTypes":["How-to"],"deployments":["Data Center and Server"],"products":["Bitbucket","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"QW5hbHl0aWNzIDEwMSBHdWlkZQ","name":"Analytics 101","title":"Analytics 101","slug":"analytics-101","seo":null,"teaser":"Learn the steps to get started with Atlassian Analytics","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Jira Service Management","Jira Software","Jira Work Management","Atlassian Analytics","Confluence"],"new":false}]},{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"1uqWsN2oWpCI6eEkS4apli","name":"Sprint Reporting","title":"Sprint Reporting","slug":"sprint-reporting","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"These best practices help you gather and monitoring metrics related to sprints. After you have your foundational sprint ceremonies and roles established, these tools and systems will help you take your teams output performance to the next level.","teaser":"Learn ways to optimize your sprint analysis and reporting, plus agile planning and preparation activities, to help increase your team's output performance","overview":"Many teams know about the basics of agile methods, but obtaining statistics, interpreting them in useful ways, and introducing solutions based on that data help unleash the potential of every team.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7dXcRQhAvMdVnqBJurrG92","name":"Advanced Roadmaps introduction and available resources","title":"Advanced Roadmaps introduction and available resources","slug":"advanced-roadmaps-introduction-and-available-resources","seo":null,"teaser":"Get the big-picture overview of Advanced Roadmaps for Jira with complete list of available resources","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4cIk32RtBZkx0ZKmzjRZf4","name":"General overview of agile metrics","title":"General overview of agile metrics","slug":"general-overview-agile-metrics","seo":null,"teaser":"Get a basic understanding of agile metrics, plus recommendations, typical metrics, and example reports","contentTypes":["Overview"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"QWQWpBAxXEKNxxGun2jdt","name":"Preparing for Advanced Roadmaps","title":"Preparing for Advanced Roadmaps","slug":"preparing-for-advanced-roadmaps","seo":null,"teaser":"Understand the impact of Jira activity on your roadmap to help in planning an effective Advanced Roadmaps rollout","contentTypes":["How-to"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false}]},{"CONTENT_TYPE":"sm-topic-set","CONTENTFUL_ID":"3S8ilDr4BKno5uAB4RXNLI","name":"Platform Administration","title":"Platform Administration","slug":"platform-administration","seo":null,"heroImage":null,"cardImage":null,"callToActionLabel":null,"summary":"Whether you’re onboarding new team members, modifying current permissions, off-boarding people, or anything in-between, this section teaches you how to best use the tools available. The articles cover topics like product access, teams versus individuals, and automated onboarding.","teaser":"Learn recommended methods to smoothly manage your users, as well as how to implement automated practices using available tools in the most efficient way possible","overview":"These articles explain both the best ways to smoothly manage your users, as well as how to implement automated practices. Insightful diagrams help explain difficult concepts in an easy to consume format.","collectionType":"Collection","hidden":null,"topics":[{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"2B7C7JdbJHVbCPXdqMuiHa","name":"Automatic user (de)provisioning in cloud","title":"Automatic user (de)provisioning in cloud","slug":"automatic-user-de-provisioning-in-cloud","seo":null,"teaser":"Understand the technical considerations in preparation for deploying automatic user (de)provisioning in cloud","contentTypes":["How-to"],"deployments":["Cloud"],"products":["Atlassian Access"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"mFPZMWgfp9f5dTzBu3Cxa","name":"Atlassian Access APIs and user provisioning","title":"Atlassian Access APIs and user provisioning","slug":"atlassian-access-apis-and-user-provisioning","seo":null,"teaser":"Understand key terms associated with user provisioning when working with Atlassian Access APIs","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Atlassian Access"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4fc0EkJzUYCWXbpFWAYswC","name":"How to secure Jira and Confluence REST API calls in Data Center","title":"How to secure Jira and Confluence REST API calls in Data Center","slug":"how-to-secure-jira-and-confluence-rest-api-calls-in-data-center","seo":null,"teaser":"Learn recommended methods for securing Jira and Confluence REST API calls in Data Center","contentTypes":["How-to"],"deployments":["Data Center and Server"],"products":["Jira Software","Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"5XcjneRRcQT1V3eUvnmuWB","name":"Managing external users/contractors in the cloud","title":"Managing external users/contractors in the cloud","slug":"managing-external-users-contractors-in-a-cloud-world","seo":null,"teaser":"Understand various Atlassian user accounts and how to manage external users/contractors in a Cloud environment","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Atlassian Access","Atlassian Analytics","Confluence","Opsgenie","Statuspage","Bitbucket","Fisheye","Bamboo","Sourcetree","Crucible","Crowd","Trello","Atlas","Halp","Compass","Jira Service Management","Jira Product Discovery","Jira Software","Jira Align","Jira Work Management"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"30H354bY2veqzgq0kvJQwQ","name":"Setting up the GitLab and Jira DVCS connector","title":"Setting up the GitLab and Jira DVCS connector","slug":"setting-up-gitlab-and-jira-dvcs-connector","seo":null,"teaser":"Understand the mechanics behind the GitLab and Jira DVCS connector and how to set it up","contentTypes":["How-to"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7crKK8U0j8qqZHkqMR7Hwh","name":"Best practices for plugin and script development","title":"Best practices for plugin and script development","slug":"best-practices-for-plugin-and-script-development","seo":null,"teaser":"Learn how to employ recommended best practices for plugin and script development","contentTypes":["Overview"],"deployments":["Data Center and Server"],"products":["Jira Software","Confluence"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"7t7WbB81FDcBOqxDTWAdLZ","name":"Infrastructure upgrades and patch management downtime","title":"Infrastructure upgrades and patch management downtime","slug":"infrastructure-upgrades-and-patch-management-downtime","seo":null,"teaser":"Understand approaches to infrastructure upgrades and best practices for patch management downtime","contentTypes":["Reference"],"deployments":["Data Center and Server"],"products":["Jira Software","Jira Service Management","Confluence","Bitbucket","Fisheye","Bamboo","Sourcetree","Crucible","Crowd"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1RlJQ3m7PMf49UDvJoO1PW","name":"Shared storage for Atlassian Data Center tools","title":"Shared storage for Atlassian Data Center tools","slug":"shared-storage-for-atlassian-tools","seo":null,"teaser":"Learn about available solutions and troubleshooting tips and considerations when designing shared storage for your Atlassian Data Center tools","contentTypes":["Practice"],"deployments":["Data Center and Server"],"products":["Confluence","Bitbucket","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"SG93IHRvIERlbGV0ZSBZb3VyIFNpdGUgJiBDYW5jZWwgWW91ciBTdWJzY3JpcH","name":"What to do when you discover an unauthorized site or product","title":"What to do when you discover an unauthorized site or product","slug":"what-to-do-when-you-discover-an-unauthorized-site-or-product","seo":null,"teaser":"Steps to take when you discover an unauthorized site or product","contentTypes":["Overview"],"deployments":null,"products":null,"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"SW1wbGVtZW50aW5nIGEgYnJlYWsgZ2xhc3MgU1NPIGJ5cGFzcyB3aXRoIEF0bG","name":"Implementing a break glass SSO bypass with Atlassian Access","title":"Implementing a break glass SSO bypass with Atlassian Access","slug":"implementing-a-break-glass-sso-bypass-with-atlassian-access","seo":null,"teaser":"Ensure users can always access their Atlassian account","contentTypes":["Overview"],"deployments":["Cloud"],"products":["Jira Service Management","Atlassian Access"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"TGV0IEF0bGFzc2lhbiBDZXJ0aWZpY2F0aW9ucyBSZWluZm9yY2UgWW91ciBDYX","name":"Validate your expertise and advance your career with Atlassian certifications","title":"Validate your expertise and advance your career with Atlassian certifications","slug":"validate-your-expertise-and-advance-your-career-with-atlassian","seo":null,"teaser":"Learn how Atlassian certifications can advance your career","contentTypes":null,"deployments":["Cloud","Data Center and Server"],"products":["Jira Service Management","Confluence","Jira Software"],"new":false},{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"1b8Vj6fZS1wNmkwPV32iXS","name":"Atlassian training options","title":"Atlassian training options","slug":"atlassian-training-options","seo":null,"teaser":"Learn which Atlassian training options are available, get answers to FAQs, and find out how to get started","contentTypes":["Reference"],"deployments":["Cloud","Data Center and Server"],"products":["Jira Software"],"new":false}]}]},"redirects":[{"CONTENT_TYPE":"sm-redirect","CONTENTFUL_ID":null,"type":"Equals","code":"301","oldUrl":"/solution-paths/administer-atlassian-together","newUrl":"/solution-paths/administer-atlassian-together/administer-atlassian-together/discover-the-products","mode":"Override"}],"topic":{"CONTENT_TYPE":"sm-topic","CONTENTFUL_ID":"4fc0EkJzUYCWXbpFWAYswC","name":"How to secure Jira and Confluence REST API calls in Data Center","title":"How to secure Jira and Confluence REST API calls in Data Center","slug":"how-to-secure-jira-and-confluence-rest-api-calls-in-data-center","seo":null,"teaser":"Learn recommended methods for securing Jira and Confluence REST API calls in Data Center","contentTypes":["How-to"],"deployments":["Data Center and Server"],"products":["Jira Software","Confluence"],"new":false,"body":{"CONTENT_TYPE":"sm-topic-body","CONTENTFUL_ID":null,"json":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"document","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-2","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Out-of-the-box authentication methods","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The REST API exposed by Jira and Confluence Server or Data Center is protected from unauthorized access. To access, a caller needs to demonstrate its identity, but also have the corresponding permission to take a particular action in Jira or Confluence. So both authentication and authorization are used to secure access to the REST API.\n\nWhen integrating with Jira and Confluence, there are four different methods that can be used to authenticate the caller:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"OAuth (available in Jira)","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Basic authentication","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Cookie-based authentication (available in Jira)","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Personal access token (since Jira v8.14, JSM v4.15, Confluence v7.9)","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" In this article, we will detail each of the four methods and how they work.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"OAuth ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-inline","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"AwevGEOgiAnx3jPpc504s"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"OAuth is an authorization mechanism that contains an authentication step. Jira Server/Data Center uses ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"hyperlink","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"uri":"https://oauth.net/core/1.0a/"},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"OAuth 1.0a","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":", 3-legged OAuth (3LO). In this process, a user (called the ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"resource owner","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":") grants a third-party application (called the ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"consumer/client","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":") access to some information (called the ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"resource","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"). 3LO means that the resource owner is directly involved with authorizing access to the resource, as opposed to 2-legged OAuth, where the resource owner is not involved. See below to visualize how the process works:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"2QWAOZ7yAvnUS37xmCBFRY"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"7bV6KEmlHf7wR4i4pWm634"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"3MlIA224akhFRnwOfUNTmB"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"This method is the one of the most secure among the ones that are available out-of-the-box in Jira Server/Data Center. However, it’s the one that takes the most effort to implement, as it will require you to configure an application link (playing the role of ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"consumer/client","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":") and a library in order to make the calls.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"4tpvgwoH6hZWFX8nZxIE1t"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-2","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Basic authentication","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Basic authentication is the simplest way to authenticate a REST API call. In short, it sends a username and password in every request, contained in an ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Authorization: Basic \u003ccredentials\u003e","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" header, where credentials are the ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"username:password","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" Base64 encoded.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Security flaws","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Credentials are sent in a form that can be decoded easily (Base64). This could be solved by securing the connection using TLS/SSL.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The password is sent repeatedly, for each request, which opens up a larger attack window.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The password is cached by the browser, so it can be silently reused by any other request to the server.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The password may be stored permanently in the browser, if the user requests. This creates a similar risk as the previous point, and also may allow it to be stolen by another user on a shared machine.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"2UXdDtimoUKDP8VXIB7LDF"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Disabling basic authentication in Jira","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"In Jira Server/Data Center v8.16, the basic authentication method can be disabled natively.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Learn how: ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"hyperlink","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"uri":"https://confluence.atlassian.com/enterprise/disabling-basic-authentication-1044776464.html"},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Disabling basic authentication","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"When basic authentication is disabled, you can still create an allowlist for specific users and URLs to use basic authentication in REST API calls.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Learn how: ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"hyperlink","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"uri":"https://confluence.atlassian.com/enterprise/creating-an-allowlist-when-basic-authentication-is-disabled-1044106574.html"},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Creating an allowlist when basic authentication is disabled","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-2","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Cookie-based authentication ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-inline","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"AwevGEOgiAnx3jPpc504s"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Cookie-based authentication will create a session object when logging in that will be reused for the subsequent calls. Here's how it works:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"ordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The client creates a new session for the user via the Jira REST API (calling the session resource ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"/auth/1/session","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" with a username and password).","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Jira returns a session object that has information about the session, including the session cookie. The client stores this session object.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The client can now set the cookie in the header for all subsequent requests to the Jira REST API (","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Set-Cookie: JSESSIONID=6E3487971234567896704A9EB4AE501F; Path=/; HttpOnly","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":").","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"70JU25WQd42cd8msVYmXta"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-2","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Personal access tokens","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Personal access tokens (aka API tokens) were created to provide a more secure way to authenticate for third-party integrations. Already available in Bitbucket and Bamboo (for both Server and Data Center) and also in Cloud products, personal access tokens have been recently added to Jira (v8.14), JSM (v4.15) and Confluence (v7.9) Server/Data Center.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"How personal access tokens work","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"A user can create or revoke their own personal tokens via the ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"User Profile","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" screen.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"For Bitbucket and Bamboo, tokens are only for REST API calls and can't be used for product UI login. In contrast, for Jira and Confluence, tokens serve both for REST API calls and product UI login.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The individual tokens will inherit the user’s existing product permissions.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Tokens can be expiring (specified in days) or non-expiring. The ability to create non-expiring tokens can be switched-off with the ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.eternal.tokens.enabled","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" system property (","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"true","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" by default).","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The user can create a maximum of 10 tokens — this can be adjusted with the ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.max.tokens.per.user","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" system property.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"To see other system properties that can be configured, see the \"System properties\" table below.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Once generated, the token given to the user cannot be retrieved, it needs to be remembered.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Tokens are immutable, i.e. they can’t be changed after they have been created.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"When a users successfully authenticates to the REST API using a created token, the “Last authenticated” timestamp is updated in the token list.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Admins can administer user tokens, including viewing, searching, and deleting.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"To invoke a REST API call using the token, an HTTP Bearer authorization header has to be included:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"6TauALEhnCxFNaERKJhxZ3"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"A token itself can be created through the REST API:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"3fEA4Rm2EP2c3NQSKWgXSU"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"See ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"hyperlink","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"uri":"https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html"},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Using Personal Access Tokens","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" for more info.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"How the token is built and managed internally","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The token is made up of two parts, the ID and the secret.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The ID is a 12 digit number that represents the username.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The secret is 20 bits of random data.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The ID, a \":\" character, and the secret are concatenated, then base64 encoded. This token is returned to the user.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The secret is put through our default password encoder and is stored hashed and salted in the database along with the plain text ID number.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Therefore, we could say that in the database at rest, the token's secret is stored cryptographically salted and hashed, however, the raw token is returned to the end user and then sent to Jira during authentication.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"In transit, this token would be subject to whatever protocol encryption is enforced between the client and Jira, for example, TLS.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"System properties","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-header-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Property","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"bold"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-header-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Default","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"bold"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-header-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Description","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"bold"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.enabled","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"true","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Whether personal access tokens are globally enabled","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.eternal.tokens.enabled","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"true","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"If users should be able to create tokens that do not expire","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.mail.notifications.enabled","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"true","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Whether mail notifications are globally enabled","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.last.used.update.interval.mins","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"1","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The interval at which the scheduler job is updating the 'last accessed at' property of each token, in minutes","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.pruning.schedule.cron","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"0 0 0 * * ?","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" - 12 am local time, every day","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The CRON expression for the expired token pruning scheduler job","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.pruning.delay.days","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"30","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The delay before expired tokens are removed from the database, in days","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.max.tokens.expiry.days","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"365","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Maximum number of days for a token to expire","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.max.tokens.per.user","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"10","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Maximum number of tokens allowed per user","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.auth.cache.expiry.mins","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"60","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The length of time, in minutes, an item can stay in the authentication cache before being removed","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.auth.cache.max.items","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"5000","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The maximum number of items allowed in the authentication cache","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.expiry.check.schedule.cron","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"0 0 * * * ?","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" - every hour","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The CRON expression for the scheduler job that sends notifications about expired tokens and tokens that will expire soon","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.expiry.warning.days","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"5","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"How many days before sending an e-mail notification about tokens that will expire soon","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.invalidate.session.enabled","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"true","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"If the session should be invalidated after succeeded authentication using personal access token","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"atlassian.pats.token.name.length","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"40","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The maximum number characters to be used for token name","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"62pERaGvYzPjqGbp8EGoGi"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-2","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"How to add more security to the REST API calls","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Besides the out-of-the-box authentication methods, we can provide more security to the Jira REST API by adopting additional measures.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-2","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Rate limiting","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Rate limiting targets only REST API requests and can help you address the potential impact from spikes in requests from automated external requests and/or scripts. When users move around the Jira UI, viewing projects, transitioning issues, and completing other actions, they won’t be affected by rate limiting. This feature will enable admins to configure per-user limits for REST API calls. If users overdraw their limit, their requests will result in a 429 error code and the request will not be processed.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"1U4tWkLVcvp7a31qVXQWTD"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"There are different ways to set the limit: by node, user, time frame, and/or number of requests.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The UI allows system admins to:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Set a default per-user limit","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Set per-user exemptions (limits different than the default, whether more restrictive or less restrictive)","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Set an exemption for the aggregated anonymous traffic","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"See who is being limited across all nodes in the cluster","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"1BDg5l6IYApuGsPf7RBch4"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"Yd0apkofVcGOOfATevWd2"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"What rate limiting is based on","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Rate limiting introduces a ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"hyperlink","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"uri":"https://en.wikipedia.org/wiki/Token_bucket"},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"token bucket algorithm","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" to govern REST API-based traffic.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"A token is needed to make HTTP REST requests.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Each request costs one token.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Users get new tokens at a constant rate so they can keep making new requests. This represents the number of requests they are allowed, and can be, for example, ten every one minute.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Tokens are added to a user’s personal bucket until it’s full. This is their max number of requests, and they can adjust the usage of tokens to their own frequency, for example twenty every two minutes instead of ten every one minute, as specified in their usual rate.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"If the bucket becomes empty, HTTP REST requests will not be processed and a 429 error code will be returned.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Getting started","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Setting the right limit depends on a lot of factors, and there isn't a single rule that will work for all scenarios. To start finding the right limit, it's important to understand the size and traffic that instance receives and work from there.\n\nTo better understand the size of traffic, start by parsing the access log. Find the user that made the most REST requests over a day. Since UI traffic is ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"not","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" rate limited, this number will be higher than what you need as your rate limit.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Generally speaking, your goal in setting a limit should be to keep the instance safe from scripts going haywire, rather than stopping users from getting their work done.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"By default, all configurations are set to disabled.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Admins have the choice of three options:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"ordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Allow unlimited requests (can still block individual access through exemptions)","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Block all requests (can still allow individual access through exemptions)","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Limit requests (set a common limit for everybody, and use exemptions to assign individual limits)","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Exemptions allow you to customize rules for unique users.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Exemptions can be created when rate limiting is disabled. The features will not work until rate limiting is enabled.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"It is possible to add multiple users to an exemption.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Beyond this new rate-limiting algorithm and rule set, the API endpoints and the way you engage the API remains the same.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Turning rate limiting off","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"To turn it off, go to ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"System → Rate Limiting","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":", select ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Rate Limiting → Disable","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":", press ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Save","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":". Wait 60 seconds for the changes to be visible.\n\nNote that by default, rate limiting is turned off. When turned on, it's set to “Allow unlimited requests” by default, which means it has no effect unless configured differently.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Impact to users that are rate limited","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"When users make authenticated","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" ","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"bold"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"requests, they will see rate limiting headers in the response. These headers are added to every response, not just when they’re rate limited:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-header-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Header","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"bold"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-header-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Description","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"bold"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"X-RateLimit-Limit","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The bucket size (capacity)","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"X-RateLimit-Remaining","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The remaining number of tokens. This is what you have and can use right now.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"X-RateLimit-Interval-Seconds","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"The time interval in seconds. You get a batch of new tokens every such time interval.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"X-RateLimit-FillRate","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"How many tokens are added to the bucket on each refill. Sys admins configure this as ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Requests allowed","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"italic"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":".","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-row","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"retry-after","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"table-cell","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"How long you need to wait until you get new tokens. This value is ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"0","marks":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"type":"code"}],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" when the bucket is not empty. If the bucket is empty, this value is likely to not be zero.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Benefits of \"self-protection\" capabilities","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Visibility: gives you the ability to see who is being rate limited, how many times requests are being limited, and when a user was last limited","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Security and control: admins are able to set custom configurations and add users to an allow-list, bypassing all restrictions","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Stability and performance: rate limiting helps to regulate CPU volume","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Related info","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"hyperlink","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"uri":"https://confluence.atlassian.com/adminjiraserver086/improving-instance-stability-with-rate-limiting-990553980.html#Improvinginstancestabilitywithratelimiting-limitingrequests"},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Improving instance stability with rate limiting | Administering Jira applications Data Center and Server 8.6","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"hyperlink","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"uri":"https://www.atlassian.com/webinars/software/protect-your-data-center-instance"},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"How to protect your Data Center instance from threats","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"hyperlink","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"uri":"https://confluence.atlassian.com/enterprise/traffic-distribution-with-atlassian-data-center-895912660.html"},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Traffic distribution with Atlassian Data Center","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-2","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"API gateway/proxy","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"In some contexts, you may be interested in having more control over how the Atlassian product APIs are being used. In such contexts, you can introduce a new component to your API architecture: the API gateway. With this component (external to the Atlassian product architecture), you can usually expect the following aspects to improve:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Tracking of API calls: who is invoking the APIs, when, how much, etc.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Authentication/authorization: API gateways enable admins to add an additional security layer and provide support for methods that are not yet supported natively by the Atlassian Data Center products (e.g. OAuth 2.0)","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Filtering of API calls: API gateways can provide additional filtering capabilities to those provided out-of-the-box by the Atlassian Data Center products","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"API management: API gateways can be part of the corporate API management","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-3","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Sample architecture with an API gateway protecting a dedicated API node for Jira/Confluence","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"6isO6UIl5hKp3QhTkDRQap"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"heading-2","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Marketplace apps","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"4ENsGBcNzSONdffh0ujVCf"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Using this app, you can authenticate Jira APIs using any third-party OAuth/OIDC provider or API tokens. The app supports Azure AD, Keycloak, Okta, AWS Cognito, Google, Github, Slack, Gitlab, Facebook, and any custom provider.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"This app solves one of the biggest challenges in SSO-enabled applications: when users don't know their local account passwords.","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Features provided:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Allows you to disable Jira's basic authentication or OAuth 1.0 authentication","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Supports creating or revoking individual API tokens for users and universal API tokens for services","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"One-click enable or disable REST API authentication using OAuth 2.0","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"embedded-entry-block","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"target":{"CONTENT_TYPE":null,"CONTENTFUL_ID":"4BHgOtLqmp2LzLU2TGg80z"}},"content":[]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"This app allows you to authenticate Confluence APIs using third-party OAuth tokens or API tokens instead of your Confluence password. It supports ","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"hyperlink","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"uri":"https://plugins.miniorange.com/jira-rest-api-setup-guides"},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"10+ OAuth providers","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":" like Azure AD, Keycloak, AWS Cognito, Google Apps and ADFS, with steps to setup in minutes.\n\nFeatures provided:","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"unordered-list","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Allows you to create or revoke API tokens to better secure and manage your data using REST API calls","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Secures all the Confluence APIs","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"list-item","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"Coming soon: IP restriction and cookie-based authentication","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]}]},{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"paragraph","data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null},"content":[{"CONTENT_TYPE":null,"CONTENTFUL_ID":null,"nodeType":"text","value":"","marks":[],"data":{"CONTENT_TYPE":null,"CONTENTFUL_ID":null}}]}]},"links":{"CONTENT_TYPE":"sm-topic-body-links","CONTENTFUL_ID":null,"assets":{"CONTENT_TYPE":"sm-topic-body-assets","CONTENTFUL_ID":null,"hyperlink":[]},"entries":{"CONTENT_TYPE":"sm-topic-body-entries","CONTENTFUL_ID":null,"inline":[{"CONTENT_TYPE":"ml-lozenge","CONTENTFUL_ID":"AwevGEOgiAnx3jPpc504s","text":"JIRA ONLY","appearance":"success: green","isBold":false}],"block":[{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"2QWAOZ7yAvnUS37xmCBFRY","name":"How to secure Jira \u0026 Confluence REST API calls in Data Center 1","caption":null,"format":"png","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"How to secure Jira \u0026 Confluence REST API calls in Data Center 1","description":"","contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/EVB0g5wzzgolVnfr8E81B/b2d3cf4506777c430ee8305a6f552575/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_1.png","size":187585}},{"CONTENT_TYPE":"ml-info-panel","CONTENTFUL_ID":"7bV6KEmlHf7wR4i4pWm634","title":null,"description":"Get more info about the authorization flow here: [OAuth](https://developer.atlassian.com/server/jira/platform/oauth/#authorization-flow)","appearance":"information: blue background, “i” icon","actions":[]},{"CONTENT_TYPE":"ml-info-panel","CONTENTFUL_ID":"3MlIA224akhFRnwOfUNTmB","title":null,"description":"The tokens that are used with this OAuth method have nothing to do with personal access tokens. For more information about them, see the \"Personal access token\" section below.","appearance":"information: blue background, “i” icon","actions":[]},{"CONTENT_TYPE":"ml-info-panel","CONTENTFUL_ID":"4tpvgwoH6hZWFX8nZxIE1t","title":null,"description":"See how to configure OAuth 1.0 to be used for the REST API calls: [OAuth | Before you begin](https://developer.atlassian.com/server/jira/platform/oauth/#before-you-begin)","appearance":"information: blue background, “i” icon","actions":[]},{"CONTENT_TYPE":"ml-info-panel","CONTENTFUL_ID":"2UXdDtimoUKDP8VXIB7LDF","title":null,"description":"- Get more info about basic authentication and Jira REST API: [Basic authentication](https://developer.atlassian.com/server/jira/platform/basic-authentication/)\n\n- Learn how this can affect the REST API calls: [CAPTCHA](https://developer.atlassian.com/server/jira/platform/basic-authentication/#captcha)","appearance":"information: blue background, “i” icon","actions":[]},{"CONTENT_TYPE":"ml-info-panel","CONTENTFUL_ID":"70JU25WQd42cd8msVYmXta","title":null,"description":"- Get more info about cookie-based Authentication and Jira REST API: [Cookie-based authentication](https://developer.atlassian.com/server/jira/platform/cookie-based-authentication/)\n\n- Learn how this method is affected by cookie expiration, CAPTCHAs, and form token checking: [Advanced topic](https://developer.atlassian.com/server/jira/platform/cookie-based-authentication/#advanced-topics)","appearance":"information: blue background, “i” icon","actions":[]},{"CONTENT_TYPE":"ml-inline-code","CONTENTFUL_ID":"6TauALEhnCxFNaERKJhxZ3","name":"curl --header 'Authorization: Bearer NDcwNDQ0NTQ2MzE5Ol7lyYmNQ8WynnNMlhW2MpewDjGr' http://localhost:2990/jira/rest/api/2/project","code":"curl --header 'Authorization: Bearer NDcwNDQ0NTQ2MzE5Ol7lyYmNQ8WynnNMlhW2MpewDjGr' http://localhost:2990/jira/rest/api/2/project"},{"CONTENT_TYPE":"ml-inline-code","CONTENTFUL_ID":"3fEA4Rm2EP2c3NQSKWgXSU","name":"curl --request POST 'http://localhost:2990/jira/rest/pat/1.0/tokens' \\ --header 'Authorization: Bearer NDcwNDQ0NTQ2MzE5Ol7lyYmNQ8WynnNMlhW2MpewDjGr' ","code":"curl --request POST 'http://localhost:2990/jira/rest/pat/1.0/tokens' \\\n--header 'Authorization: Bearer NDcwNDQ0NTQ2MzE5Ol7lyYmNQ8WynnNMlhW2MpewDjGr'\n--header 'Content-Type: application/json' \\\n--data-raw '{\n \"name\": \"Yet Another Token!\",\n \"expirationDuration\": \"90\"\n}'"},{"CONTENT_TYPE":"ml-info-panel","CONTENTFUL_ID":"62pERaGvYzPjqGbp8EGoGi","title":null,"description":"Note: You have to set these properties on every node of your Data Center instance.","appearance":"information: blue background, “i” icon","actions":[]},{"CONTENT_TYPE":"ml-info-panel","CONTENTFUL_ID":"1U4tWkLVcvp7a31qVXQWTD","title":null,"description":"Anonymous traffic is represented by one user called “Anonymous”. This “user” aggregates all anonymous traffic into one bucket for all sources of anonymous requests.","appearance":"information: blue background, “i” icon","actions":[]},{"CONTENT_TYPE":"ml-info-panel","CONTENTFUL_ID":"1BDg5l6IYApuGsPf7RBch4","title":"How rate limiting and personal access tokens work together","description":"Rate limiting kicks in after authentication, so the per-user limits and exemptions also apply when using personal access tokens.\n","appearance":"information: blue background, “i” icon","actions":[]},{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"Yd0apkofVcGOOfATevWd2","name":"How to secure Jira \u0026 Confluence REST API calls in Data Center 3","caption":null,"format":"png","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"How to secure Jira \u0026 Confluence REST API calls in Data Center 3","description":"","contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/1BrMfTTSQxKd0y9dTx0vYy/ee8e12c26df0510a157cd3a1390271d2/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_3.png","size":662714}},{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"6isO6UIl5hKp3QhTkDRQap","name":"How to secure Jira \u0026 Confluence REST API calls in Data Center 6","caption":null,"format":"png","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"How to secure Jira \u0026 Confluence REST API calls in Data Center 6","description":"","contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/2xt1Jtl1hVl2vnZiPF0sfP/6a343b228ae8d27c3e89049640942805/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_6.png","size":1074082}},{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"4ENsGBcNzSONdffh0ujVCf","name":"How to secure Jira \u0026 Confluence REST API calls in Data Center 4","caption":null,"format":"png","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"How to secure Jira \u0026 Confluence REST API calls in Data Center 4","description":"","contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/1v5M0vDMgGCBee0eE3WFNq/5be408b90c60ceea93d35558a5af16ad/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_4.png","size":69690}},{"CONTENT_TYPE":"at-image","CONTENTFUL_ID":"4BHgOtLqmp2LzLU2TGg80z","name":"How to secure Jira \u0026 Confluence REST API calls in Data Center 5","caption":null,"format":"png","width":null,"height":null,"image":{"CONTENT_TYPE":"asset","CONTENTFUL_ID":null,"title":"How to secure Jira \u0026 Confluence REST API calls in Data Center 5","description":"","contentType":"image/png","url":"https://images.ctfassets.net/5gpmvt00vjd3/7FZGhUvLUB4vbABvwZoyH1/97c0123e496c148b3b1fed323e1d049c/How_to_secure_Jira___Confluence_REST_API_calls_in_Data_Center_5.png","size":71675}}]}}},"relatedLinks":{"CONTENT_TYPE":"ml-sidemenu-content","CONTENTFUL_ID":"3ld3D414pyUgJKeJRVMbpe","name":"Related links","title":"Related links","items":[{"CONTENT_TYPE":"at-sidemenu-button","CONTENTFUL_ID":"2pUReZeYzVc8nGDvC4bEVu","name":"Atlassian server developer documentation","label":"Atlassian server developer documentation","anchorLink":"https://developer.atlassian.com/server/"},{"CONTENT_TYPE":"at-sidemenu-button","CONTENTFUL_ID":"2rPXnjsowkC5u5rXAih5A4","name":"Atlassian Developer Community","label":"Atlassian Developer Community","anchorLink":"https://community.developer.atlassian.com/"},{"CONTENT_TYPE":"at-sidemenu-button","CONTENTFUL_ID":"2Fp40vYgUsgLvJuDLSbLqj","name":"OAuth authorization flow","label":"OAuth authorization flow","anchorLink":"https://developer.atlassian.com/server/jira/platform/oauth/#authorization-flow"}]}}},"token":"e263551aaa5c353781508bc3b5527b5ffad25643740c46e74006abd6267640d1","ogUrl":"https://success.atlassian.com/api/og","preview":false,"feedbackUrl":"https://api.atlassian.com/feedback-collector-api/v2/feedback","entrypointId":"bd193588-f7cd-4d19-bd59-d18eb695adf7"},"isProduction":true,"isCI":false,"env":{"spaceId":"5gpmvt00vjd3","accessToken":"QuD34WfdMiiWpMznQss2DqCQ990x_FsOSSsVvNypAb8","host":"cdn.contentful.com","environment":"master","previewAccessToken":"Ron_8espeIRta3u75Ndur8XVxnim9ORlxON6WVeTA6M"},"__N_SSP":true},"page":"/[[...slug]]","query":{"slug":["solution-resources","agile-and-devops-ado","platform-administration","how-to-secure-jira-and-confluence-rest-api-calls-in-data-center"]},"buildId":"NV-FKOi3T0KGnsWhZ6Dpv","isFallback":false,"isExperimentalCompile":false,"gssp":true,"appGip":true,"scriptLoader":[]}</script></body></html>