Aura Auth
OAuth Providers

Atlassian Authorization Provider

Add Atlassian authorization provider to Aura Auth to authenticate and authorize

Atlassian

Set up Atlassian authorization provider to the authentication instance to Aura Auth.

What you'll learn

Through this quick start guide you are going to learn and understand the basics and how to set up Atlassian provider to Aura Auth.

Atlassian OAuth App

Creating an OAuth app

The first step is to create and register an Atlassian OAuth 2.0 Integration to grant access to the user's accessible resources like Get Authenticated User (used by Aura Auth), Repositories, Organizations, etc. For more detailed information, read OAuth 2.0 (3LO) apps and Get authenticated user.

Registering an Atlassian OAuth app includes:

  • Name: The name of the application according to its purpose.
  • Terms: Check the terms and conditions.

Permissions Panel

  • Scope: Click the Add button in the User Identity API row and then enable the View active user profile scope with the code read:me

Authorization

  • Callback URLs: Add OAuth 2.0 (3LO) action and set the URLs to which Atlassian will redirect. It should end in /auth/callback/atlassian for both local and production environments.
    • Local environment: http://localhost:3000/auth/callback/atlassian
    • Production environment: Set the URL of your application.

Settings Panel

  • Description: Description of what the consumer does

Atlassian Aura Auth

Installation

install the package using a package manager like npm, pnpm or yarn

npm install @aura-stack/auth

Environment setup

Now, it's time to create and consume the Atlassian credentials required and used by Aura Auth, it include the client Id and client Secret and write them into a .env file.

Additionally set the secret used by Aura Auth to sign and encrypt the user's session.

.env
# Atlassian Credentials
AURA_AUTH_ATLASSIAN_CLIENT_ID="atlassian_client_id"
AURA_AUTH_ATLASSIAN_CLIENT_SECRET="atlassian_client_secret"

# Aura Secret
AURA_AUTH_SECRET="32-bytes-secret"

The AURA_AUTH_SECRET will recommended to be random and high antropy key to avoid attackers decifer the secret used by the Aura Auth application.

Configure the provider

Set the oauth option of the createAuth instance and writing "atlassian" name.

@/auth
import { createAuth } from "@aura-stack/auth"

export const auth = createAuth({
  oauth: ["atlassian"],
})

export const { handlers } = auth

Custom configuration

@/auth
import { createAuth } from "@aura-stack/auth"
import { atlassian } from "@aura-stack/auth/oauth/atlassian"

export const auth = createAuth({
  oauth: [
    atlassian({
      scope: "read:jira-user", // Custom scopes
    }),
  ],
})

export const { handlers } = auth

Get HTTP Handlers

Use the HTTP handlers to consume the authentication logic and flow the Aura Auth library to be integrated into routers and frameworks.

backend.ts
import { handlers } from "@/auth"

export const { GET, POST } = handlers

The returned handlers include pre-built routes used in OAuth flows (/signIn/:oauth, /callback/:oauth, /session, /signOut and /csrfToken). You can mount them in Express, Hono, Next.js, or any runtime that supports native Request and Response APIs.

Resources

OAuth providers

OAuth providers supported by Aura Auth to consume and add authentication to typescript apps

Bitbucket Authorization Provider

Configure the Bitbucket OAuth 2.0 provider in Aura Auth for authentication and authorization.

On this page

AtlassianWhat you'll learnAtlassian OAuth AppCreating an OAuth appPermissions PanelAuthorizationSettings PanelAtlassian Aura AuthInstallationEnvironment setupConfigure the providerCustom configurationGet HTTP HandlersResources