OAuth Authentication

Published Date: 17-10-2024

Read Time:

OAuth Authentication 1.0 (Legacy Data Center/Server/Cloud)

Note: Jira has deprecated OAuth 1.0 for application links. You can transition to OAuth 2.0 for enhanced security and continued functionality.

Configure Remote Site Settings

Go to the ‘Setup’ page in your Salesforce instance. In the ‘Quick Find’ box, type ‘Remote Site Settings’ and select it from the search results.

Click on ‘New Remote Site’ to add the remote site.

Creating Remote Sites

  1. Jira Instance

    Remote Site Name: Enter a name, such as ‘Jira’.

    Remote Site URL: Provide the URL of your Jira instance to ensure secure communication.

  1. Salesforce Instance

    Remote Site Name: Provide a name, such as "Salesforce."

    Remote Site URL: Enter your Salesforce instance URL to ensure smooth integration and communication.

Create Application Links on Jira

  1. Log in to your Jira system with 'Jira Administrator' permissions.

  2. Click the Gear (settings) icon.

  3. From the Settings drop-down menu, select ‘System.’

  1. Click on ‘Search Jira admin’.

  1. Type "Application" in the search bar, then select "Application Links" from the search results.

  1. Click on ‘Create link’.

  1. Enter your Salesforce Org’s URL in the field and click on ‘Create new link’.

  1. A new window will open to confirm the ‘New URL’. Click on ‘Continue’.

  1. Enter details such as the ‘Application Name’ and select ‘Generic Application’ as the ‘Application Type’. Then, click ‘Continue’.

  1. A new application link will be created.

  1. Next, set up the Incoming Authentication by clicking ‘Edit’ (as shown in the highlighted section of the screenshot below).

  1. Enter ‘Sinergify’ in the ‘Consumer Key’ and ‘Salesforce’ in the Consumer Name’ fields.

  1. Enter the public key in the ‘Public Key’ field.

Note:

Please check this reference Document for Public/Private keys.

(Please save the Private key also as it will be required later in Step 16)

  1. Add your ‘Consumer Callback URL’. The URL should be in the following format:

    SalesforceOrgURL+’/apex/Grz_Sf__AuthPage?status=’+SalesforceOrgID+’&instanceUrl=’+Jira instance Url

E.g.

https://grazitti3e-dev-ed.my.salesforce.com/apex/Grz_Sf__AuthPage?Status=00D5g000004FBtEEAW&instanceURL=https://sinergify.atlassian.net

  1. Click ‘Save’. The application link status will then update to ‘Configured’.

  1. Go to the Authentication tab in the Admin Settings of the Sinergify app. Select the 'OAuth' tab and fill in the following details:

    • Jira Name: Enter your Jira instance name.

    • Jira URL: Provide your Jira instance URL.

    • Call back URL: Enter the Call back URL in this format: “SalesforceOrgURL+’/apex/Grz_Sf__AuthPage?status=’+SalesforceOrgID+’&instanceUrl=’+Jira instance Url”.

    • Consumer Key: Provide the Consumer key used in the Application link.

    • Private Key: Enter the Private Key generated in step 13 above.

    • Activate Content Header Parameter: Toggle this to enable authentication with Google SSO for single sign-on using Google credentials.

Key Considerations:

  • A consumer key must be one word only, as Jira does not support more than one word in a consumer key. See the reference Document.

  • A Refresh Token helps you re-validate your connection. It is beneficial when the token expires or is revoked on the Jira side. This can also be used to authenticate the Salesforce side with a different Jira Integration user if needed.

  1. Select the Jira software - Server or Cloud.

  1. Toggle to make this Jira instance your default Jira instance.

  1. Click on ‘Save'.

  1. A pop-up will appear on your screen. Log in with your Jira credentials.

Note: Ensure that pop-ups are not blocked.

  1. After logging in, a new window will appear requesting ‘Read’ and ‘Write’ permissions. Click ‘Allow’ to share the access token, or ‘Deny’ to refuse access.

  1. A new window will appear on your screen requesting you to allow or deny the access.

  1. If permitted, the access token will be automatically shared and saved in Salesforce, and the admin page will reload.

  2. Once this process is complete, you can view the Integration user details. See the screenshot below for reference. Ensure that the status is set to "Active"; if it isn't, enable the toggle button.

OAuth 2.0 Authentication(Server/Data Center)

Creating Remote Sites

  1. Jira Instance

    Remote Site Name: Enter a name such as ‘Sinergify Jira’.

    Remote Site URL: Enter the URL of your Jira instance to ensure secure communication.

  1. Salesforce Instance

    Remote Site Name: Provide a name such as ‘Salesforce’.

    Remote Site URL: Enter the URL of your Salesforce instance to ensure seamless integration and communication.

  1. Go to Administration > Applications > Application links.

  1. Click on “Create link”.

  1. Select "External Application," choose "Incoming" as the direction, and then click "Continue."

Fill in the details as outlined below:

Provide Application Details: Enter the Redirect URL (also known as Callback URL) from your external application. After authorization, users will be redirected to this URL with an authorization code.

Set Application Permissions: Choose the permissions the application can have on your instance. You can select from the following scopes:

  • Read

  • Write

  • Admin

  • System Admin

  1. Jira will generate OAuth credentials with these details. Copy these credentials into the Sinergify Admin settings.

  1. Go to the Authentication tab in the Admin Settings of the Sinergify app. Go to the ‘OAuth 2.0’ tab.

    • Jira Name: Enter the name of your Jira instance.

    • Jira URL: Enter the URL of your Jira instance.

    • Callback URL: Enter the Callback URL in this format: “SalesforceOrgURL+’/apex/Grz_Sf__AuthPage?status=’+SalesforceOrgID+’&instanceUrl=’+Jira instance Url”.

    • Client ID: Paste the Client ID from the OAuth 2.0 application link.

    • Client Secret: Paste the Client ID from the OAuth 2.0 application link.

    • Activate Content Header Parameter: Enable this toggle to authenticate with Google SSO, allowing single sign-on with Google credentials.

  1. Once you're finished, click ‘Save.’ A new screen will appear; verify the Jira URL and then click ‘Allow.’

  1. A new window will appear on your screen requesting you to allow or deny the access.

  1. If permitted, the access token will be automatically shared and saved in Salesforce, and the admin page will refresh. Make sure the status is set to "Active"; if not, enable the toggle button.

OAuth 2.0 Authentication(Cloud)

Creating Remote Sites

  1. Jira Instance

Remote Site Name: Provide a name such as ‘Jira’.

Remote Site URL: Enter the URL of your Jira instance to enable secure communication.

  1. Salesforce Instance

    Remote Site Name: Provide a name such as ‘Salesforce’.

    Remote Site URL: Enter your Salesforce instance URL to ensure seamless integration and communication.

  1. Authentication URL

    Remote Site Name: Provide a name such as ‘Authentication URL’.

    Remote Site URL: https://auth.atlassian.com

  1. Jira API Integration

    Remote Site Name: Provide a name for the Jira API Integration.

    Remote Site URL: https://api.atlassian.com

Steps to Create and Configure a Jira App

  1. Navigate to Jira Developer Console.

  1. Click ‘Create’ and then select ‘OAuth 2.0 Authentication’.

  1. Create a new app called ‘Sinergify App,’ then check the box to agree to Atlassian's developer terms. After that, click ‘Create.’

  1. A new app will be created.

  1. Navigate to the left panel, select "Permissions," and then configure the highlighted API scopes.

  1. Add the scope for each API (Confluence API, Jira API) individually by clicking on the "Add" button. You can adjust the scopes by adding or removing them according to your business needs. Refer to the screenshots below for guidance on how to add the scopes.

    Confluence API

    Jira API

  1. Navigate to the Authorization section in the left panel and click the ‘Add’ button.

  1. Once complete, add your ‘Consumer Callback URL’. The URL should follow this format:

SalesforceOrgURL+’/apex/Grz_Sf__AuthPage?status=’+SalesforceOrgID+’&instanceUrl=’+Jira instance Url

For Example: https://connectorjira-dev-ed.my.salesforce.com/apex/Grz_Sf__AuthPage?Status=00D0o000000Sx8ZEAS&instanceURL=https://sinergify.atlassian.net

  1. Click on ‘Save Changes’.

  1. Click on the "Settings" option in the left panel, then navigate to "Authentication Details."

  1. Copy the Client ID and Secret.

  1. Navigate to the Authentication tab in the Admin Settings of the Sinergify app and then select the ‘OAuth 2.0’ tab.

  • Jira Name: Provide your Jira instance Name.

  • Jira URL: Provide your Jira instance URL.

  • Callback URL: Enter the Callback URL in this format: ‘SalesforceOrgURL+’/apex/Grz_Sf__AuthPage?status=’+SalesforceOrgID+’&instanceUrl=’+Jira instance Url’.

  • Client ID: Paste the Client ID from the OAuth 2.0 app.

  • Client Secret: Paste the Client ID from the OAuth 2.0 app.

  • Activate Content Header Parameter: Turn on the toggle button to authenticate using Google SSO, allowing single sign-on with your Google credentials.

  1. Select the Jira Software - Cloud.

Select the Jira Software - Cloud.

Toggle to make this Jira instance your default Jira instance.

Click ‘Save.’ Then, in the “Use App on” section, enter your Jira instance URL and click ‘Accept’ when finished.

A new window will appear on your screen requesting you to allow or deny the access.

If allowed, the access token will be automatically shared and saved in Salesforce, and the admin page will refresh. Make sure the status is set to "Active." If it isn’t, enable the toggle button.