Authentication

Overview

There are various authentication options used by Atlassian applications for remote access. The following are those available and supported by the CLI at least on the latest release levels.

ApplicationBasic AuthenticationSession AuthenticationOAuth and Related TokensDiscussion
Jira, Confluence Cloud 

No longer available

No longer available 

Atlassian Personal Access Tokens

(also known as API Tokens)

Parameters

  • user (email address)
  • token or password (access token)
  • Atlassian has removed support for use of Basic and Session authentication
  • UPM client also supports the same authentication methods
  • CLI 8.4 or higher can use the token parameter for their access token instead of password parameter - either works the same (except for a couple of cases where a real password is needed)
  • If you are NOT using the email address and API token for your user credentials for accessing Cloud sites, you will likely receive: Remote error: User is not authorized to perform the request. Response code: 401.
Jira Server

Parameters

  • user (user name)
  • password

Parameters

  • user (for login)
  • password (for login)
  • login (subsequent actions)

Default with automatic login

Using Personal Access Tokens

Requires 8.14 or higher.

Parameters

  • token
  • Let default support use automatic session authentication
  • Only special case, advanced scripting should bother with using login action and saved sessions
  • UPM client also supports the same authentication methods
Confluence Server

Parameters

  • user (user name)
  • password

Parameters

  • user (for login)
  • password (for login)
  • login (subsequent actions)

Default with automatic login

Using Personal Access Tokens

Requires 7.9 or higher.

Parameters

  • token
  • Let default support use automatic session authentication
  • Only special case, advanced scripting should bother with using login action and saved sessions
  • UPM client also supports the same authentication methods


Bamboo Server

Parameters

  • user (user name)
  • password

Bamboo Personal Access Tokens

Requires 6.10 or higher.

Parameters

  • token
  • UPM client also supports the same authentication methods
Bitbucket Server

Parameters

  • user (user name)
  • password

Personal Access Tokens

Parameters

  • token
  • UPM client also supports the same authentication methods
  • See also Access Tokens.
Bitbucket Cloud

Parameters

  • user (user name)
  • password

App passwords
  • user (user name)
  • password (app password)
Trello

Trello Token

Parameters

  • token
Slack

Parameters

  • token


Tempo Cloud

Parameters

  • tempoToken

Personal Access Tokens for Server and Datacenter

Personal access tokens have some good advantages in specific cases, but there are also some severe restrictions:

Personal access tokens can be created in the UI by going to your profile - see Atlassian documentation on personal access tokens.

Restrictions

  1. Some server remote capabilities used in various CLI actions may not support access via personal access tokens - actions like renderRequest or actions that use similar support under the covers depending on action parameters used. In this case, you will get an error message like:

    Client error: Action or capability not available when using token authentication. Use user and password parameters instead.

    In some cases, you can avoid restricted capabilities by adjusting parameters you are using on the action. Otherwise, you need to revert to the standard user and password support.
  2. Secure administrator sessions (websudo) is turned on for your instance and you are attempting a secured administration action. In this case, you will get websudo permission errors. Turn off websudo for your site or revert to the standard user and password support.

Bamboo

Due to the lack of adequate REST API support in Bamboo, use of personal access tokens is much more restricted with only a few actions available (currently) that can be used with tokens: queueBuild and some list actions (getProjectList, getPlanList, and related) are available, but almost all configuration related actions will not work with token authentication.