You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+5-2Lines changed: 5 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -91,6 +91,8 @@ Follow the [installation guide](https://github.com/ankitpokhrel/jira-cli/wiki/In
91
91
more [here](https://github.com/ankitpokhrel/jira-cli/discussions/356).
92
92
2. Run `jira init`, select installation type as `Cloud`, and provide required details to generate a config file required
93
93
for the tool.
94
+
3. Run the `jira init`, Select the `Cloud` installation type and then select the `OAuth` authentication type. This will prompt for your Jira App Client ID and Client Secret. You can learn more about how to create a Jira App [here](link-to-a-discussion)
95
+
94
96
95
97
#### On-premise installation
96
98
@@ -117,12 +119,13 @@ See [FAQs](https://github.com/ankitpokhrel/jira-cli/discussions/categories/faqs)
117
119
118
120
#### Authentication types
119
121
120
-
The tool supports `basic`, `bearer` (Personal Access Token), and `mtls` (Client Certificates) authentication types. Basic auth is used by
122
+
The tool supports `basic`, `bearer` (Personal Access Token), `mtls` (Client Certificates), and `oauth` (OAuth 3LO) authentication types. Basic auth is used by
121
123
default.
122
124
123
125
- If you want to use PAT, you need to set `JIRA_AUTH_TYPE` as `bearer`.
124
126
- If you want to use `mtls` run `jira init`. Select installation type `Local`, and then select authentication type as `mtls`.
125
127
- In case `JIRA_API_TOKEN` variable is set it will be used together with `mtls`.
128
+
- If you want to use `oauth` run `jira init`. Select installation type `Cloud`, and then select authentication type as `oauth`.
- The 3LO doesn't support PKCE, to avoid the need for a client secret, so we need to use the legacy auth flow.
856
+
- The 3LO doesn't support [Proof Key for Code Exchange (PKCE)](https://oauth.net/2/pkce/). Without this support, we would have to share the single distrubuted app's client secret with all the consumers. To avoid the need for globally sharing a client secret, each consumer will need to create a JIRA app to effectively use as a proxy into your Jira cloud instance.
0 commit comments