Databases Reference
In-Depth Information
OAuth authentication
OAuth is a protocol that allows web applications to share data with other external
applications. This could be another web application (such as JIRA) or a desktop or
mobile application.
OAuth is typically used when two applications trust each other, but don't share
the same set of users and do have the option to connect via application links.
Use SSL
It is recommended that your applications use SSL (HTTPS) instead of
basic HTTP, as sensitive information is transmitted via the Internet.
To configure OAuth Authentication, perform the following steps:
1.
Browse to the Administration Console (
Administration
|
Confluence Admin
).
2.
Choose
Application Links
in the left-hand menu.
3.
Click on the
Configure
link, next to the application link you want to edit.
4.
Select
Incoming Authentication
and select the
OAuth
tab.
5.
Click on the
Enable
button to enable OAuth authentication for the
incoming link. The remote application will be automatically set up to
be the "consumer" and your local application a "service provider".
For outgoing authentication a login dialog will display if you are not currently
logged in to the remote application. Log in with your credentials for the other (JIRA)
server. Selecting the
Enable
button will set up OAuth for outgoing authentication.
Basic HTTP authentication
Using basic HTTP authentication relies on the connection between Confluence
and JIRA being secure. It is recommend to use a different authentication method,
provided you are able to do so.
Basic HTTP authentication allows you to provide Confluence with user credentials
for JIRA, and visa versa. Once authenticated, Confluence can access JIRA functions
and resources on behalf of that user. This also means that if you provide user
credentials of a user with administrative functions, your application link would
be able to access those functions as well.