Shine light on your Jira and Confluence APIs
Don’t you want to know what’s hiding under the radar? Replace user passwords with personal access tokens to unveil shadow IT connections into your Atlassian APIs. Diminish the risk of disclosing sensitive information.
API Token Authentication Features

Create & revoke API Tokens
Take control of your API!
Replace basic authentication with unique API tokens per user & service.
- Expiration date
- Revoke API Tokens anytime
- Create tokens for other users
Group-based permissions
Advanced permissions to define which users can use and create tokens. Includes the option to delegate token creation to admins.
- Use tokens
- Create tokens
- Create Tokens on behalf of others


API Security Features
The firewall for your API connections. Define detailed authorizations per token to increase your security level.
- Token scoping (read or read & write)
- Restrict REST API requests by IP address & range
- System-wide and token-based validity
Works as expected. Plugin REST API is good to have. Support team is very responsive and open to feature requests…
Token Manager
Have complete visibility over API connections, and monitor what third-party apps are interacting with Jira and Confluence.
- Filter by user and service
- Filter by created or expiration date
- Filter by scope and usage


Shadow IT Functions
Build a robust process for API utilization.
Expose all undetected connections to your Jira or Confluence API.
- Disallow built-in basic authentication with username & password
- Comprehensive token overview
- Advanced Audit Logging
Really like how transparently this works with Jira. This can be used with tools such as VSCode because you simply substitute your password with your token…

Encryption
Comply with security laws and regulations with customizable signing.

Branding
Customize your user facing pages (error pages, IdP selection, logged in page template…).

Mobile App supported
Ensure a full SSO experience on the Atlassian mobile apps.

Full REST API
Automate your user management configuration.

Custom URLs
Decide when your SSO kicks in with force SSO URLs / non - SSO URLs.

no SSO option
Have full control on when to bypass SSO (temporary users, admins, or automations)
Why No-Code Platforms Can’t Hash Your Password
No-code platforms need to impersonate users to create automations and integrations. Unfortunately, accessing your password means they can't do a...
Read More3 Ways to Promote Secure Jira API Authentication For Your Users
The Jira REST API is an essential asset for developers and teams integrating Jira with other existing services. But that...
Read MoreHow to create API Tokens for Jira Server’s REST API
API Tokens are a common replacement for user credentials: they're more secure, more granular, and easier to control. Find out...
Read More