We couldn't load all Actvitity tabs. Refresh the page to try again.
If the problem persists, contact your Jira admin.
IMPORTANT: JAC is a Public system and anyone on the internet will be able to view the data in the created JAC tickets. Please don’t include Customer or Sensitive data in the JAC ticket.
Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-96

Ability to manage API token creation as an organization admin

    • 180
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem Definition

      Atlassian accounts are able to generate API tokens for use with Jira and Confluence cloud APIs. At the moment, org admins can only revoke these tokens but they cannot enforce policies on the token usage of their managed accounts.

      Suggested Solution

      If a user belongs to an organization, give admins the following abilities:

      • Enable or block a managed account from issuing tokens
      • Make the creation of API tokens admin-only
      • Log or track the creation of API tokens (such as in audit logs) 
      • Set a default expiration for the tokens that can be created (ie, 1 week, unlimited not allowed). see ID-7825
      • Have the ability to extract a report of all users that currently have API tokens
      • Track whether API Keys are used by User in any project
      • Track report on API Keys usage.

            Loading...
            IMPORTANT: JAC is a Public system and anyone on the internet will be able to view the data in the created JAC tickets. Please don’t include Customer or Sensitive data in the JAC ticket.
            Uploaded image for project: 'Atlassian Guard'
            1. Atlassian Guard
            2. ACCESS-96

            Ability to manage API token creation as an organization admin

              • 180
              • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

                Problem Definition

                Atlassian accounts are able to generate API tokens for use with Jira and Confluence cloud APIs. At the moment, org admins can only revoke these tokens but they cannot enforce policies on the token usage of their managed accounts.

                Suggested Solution

                If a user belongs to an organization, give admins the following abilities:

                • Enable or block a managed account from issuing tokens
                • Make the creation of API tokens admin-only
                • Log or track the creation of API tokens (such as in audit logs) 
                • Set a default expiration for the tokens that can be created (ie, 1 week, unlimited not allowed). see ID-7825
                • Have the ability to extract a report of all users that currently have API tokens
                • Track whether API Keys are used by User in any project
                • Track report on API Keys usage.

                        2015ae912494 Stefan Scorse
                        kyamamoto@atlassian.com K. Yamamoto
                        Votes:
                        167 Vote for this issue
                        Watchers:
                        174 Start watching this issue

                          Created:
                          Updated:
                          Resolved:

                            2015ae912494 Stefan Scorse
                            kyamamoto@atlassian.com K. Yamamoto
                            Votes:
                            167 Vote for this issue
                            Watchers:
                            174 Start watching this issue

                              Created:
                              Updated:
                              Resolved: