-
Suggestion
-
Resolution: Done
NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.
Hi everyone,
CORS has been supported in the JIRA REST API since JIRA 6.0 for JIRA Server. If you are a JIRA Server customer, simply go to the "Whitelist" section of JIRA Administration and add the domains you wish to request resources from. Note: You must have the System Administrator global permission to access this section of JIRA administration.
Unfortunately, this domain whitelist is not available in JIRA Cloud for security reasons. We haven't yet been able to spend time developing a pattern for supporting this in JIRA Cloud, but we do intend to work on this at some point in the future.
I have updated the issue summary to more accurately reflect the current status of this feature.
Regards,
Dave Meyer
dmeyer@atlassian.com
Product Manager, JIRA Platform
JIRA REST API documentation (http://docs.atlassian.com/jira/REST/latest/#authentication) says: ... if you are using JIRA in a browser you can call REST from Javascript on the page and rely on the authentication that the browser has established.
However it does not work, see my example http://jsfiddle.net/avalez/nCcq9/2/ and others complains: https://answers.atlassian.com/questions/69356/cross-origin-resource-sharing-with-jira-rest-api-and-javascript
Looks like Access-Control-Allow-Origin response header is missing.
CAUTION, to make it really work for remote clients, it's necessary to respond with exact match for host name in Access-Control-Allow-Origin header, see related AMKT-3342 (https://ecosystem.atlassian.net/browse/AMKT-3342).
- followed by
-
- Closed
- is related to
-
JRACLOUD-65573 CORS not supported in JIRA Cloud REST API but not mentioned in documentation
-
- Closed
-
-
- Closed
-
- Gathering Interest
- relates to
-
-
- Closed
-
-
- Closed
-
- Closed
- mentioned in
-
Page Loading...
