HomeCustomizing AuthAtlassian

Atlassian auth provider

At this time, Arcade does not offer a default Atlassian Auth Provider. To use Atlassian auth, you must create a custom Auth Provider with your own Atlassian OAuth 2.0 credentials as described below.

The Atlassian auth provider enables tools and agents to call the Atlassian API on behalf of a user. Behind the scenes, the Arcade Engine and the Atlassian auth provider seamlessly manage Atlassian OAuth 2.0 authorization for your users.

What’s documented here

This page describes how to use and configure Atlassian auth with Arcade.

This auth provider is used by:

  • Your app code that needs to call Atlassian APIs
  • Or, your custom tools that need to call Atlassian APIs

Configuring Atlassian auth

In a production environment, you will most likely want to use your own Atlassian app credentials. This way, your users will see your application’s name requesting permission.

You can use your own Atlassian credentials in both the Arcade Cloud and in a self-hosted Arcade Engine instance.

Before showing how to configure your Atlassian app credentials, let’s go through the steps to create an Atlassian app.

Create an Atlassian app

  • Create a Atlassian app in the Atlassian developer console
  • In the Authorization tab, click the “Add” action button and set the Callback URL to: https://cloud.arcade.dev/api/v1/oauth/callback
  • In the Permissions tab, enable any permissions you need for your app
  • In the Settings tab, copy the Client ID and Secret to use below

Configuring your own Atlassian Auth Provider in Arcade

There are two ways to configure your Atlassian app credentials in Arcade:

  1. From the Arcade Dashboard GUI
  2. By editing the engine.yaml file directly (for a self-hosted Arcade Engine)

We show both options step-by-step below.

Configure Atlassian Auth Using the Arcade Dashboard GUI

Access the Arcade Dashboard

To access the Arcade Cloud dashboard, go to api.arcade.dev/dashboard. If you are self-hosting, by default the dashboard will be available at http://localhost:9099/dashboard. Adjust the host and port number to match your environment.

Navigate to the OAuth Providers page

  • Under the OAuth section of the Arcade Dashboard left-side menu, click Providers.
  • Click Add OAuth Provider in the top right corner.
  • Select the Included Providers tab at the top.
  • In the Provider dropdown, select Atlassian.

Enter the provider details

  • Choose a unique ID for your provider (e.g. “my-atlassian-provider”).
  • Optionally enter a Description.
  • Enter the Client ID and Client Secret from your Atlassian app.

Create the provider

Hit the Create button and the provider will be ready to be used in the Arcade Engine.

When you use tools that require Atlassian auth using your Arcade account credentials, the Arcade Engine will automatically use this Atlassian OAuth provider. If you have multiple Atlassian providers, see using multiple auth providers of the same type for more information.

Using Atlassian auth in app code

Use the Atlassian auth provider in your own agents and AI apps to get a user token for the Atlassian API. See authorizing agents with Arcade to understand how this works.

Use client.auth.start() to get a user token for the Atlassian API:

from arcadepy import Arcade
 
client = Arcade()  # Automatically finds the `ARCADE_API_KEY` env variable
 
user_id = "user@example.com"
 
# Start the authorization process
auth_response = client.auth.start(
    user_id=user_id,
    provider="atlassian",
    scopes=["read:me", "read:jira-user", "read:confluence-user"],
)
 
if auth_response.status != "completed":
    print("Please complete the authorization challenge in your browser:")
    print(auth_response.url)
 
# Wait for the authorization to complete
auth_response = client.auth.wait_for_completion(auth_response)
 
token = auth_response.context.token
# Do something interesting with the token...

Using Atlassian auth in custom tools

You can author your own custom tools that interact with the Atlassian API.

Use the Atlassian() auth class to specify that a tool requires authorization with Atlassian. The context.authorization.token field will be automatically populated with the user’s Atlassian token:

from typing import Annotated, Optional
 
import httpx
 
from arcade.sdk import ToolContext, tool
from arcade.sdk.auth import Atlassian
 
 
@tool(
    requires_auth=Atlassian(
        scopes=["read:jira-work"],
    )
)
async def list_projects(
    context: ToolContext,
    query: Annotated[
        Optional[str],
        "The query to filter the projects by. Defaults to empty string to list all projects.",
    ] = "",
) -> Annotated[dict, "The list of projects in a user's Jira instance"]:
    """List a Jira user's projects."""
    url = f"https://api.atlassian.com/ex/jira/<cloudId>/rest/api/3/project/search?query={query}"
    headers = {"Authorization": f"Bearer {context.authorization.token}"}
 
    async with httpx.AsyncClient() as client:
        response = await client.get(url, headers=headers)
        response.raise_for_status()
        return response.json()
AsanaDiscord