Want to make sure of safe API Key Management in Jira Cloud? API Key Manager for Jira has got you covered with restricted, time-limited, and read-only API keys! Sounds great, right? But the best is yet to come: Unlike API tokens in the Atlassian Cloud, API keys created with this app only apply to one specific Jira instance.
With our API Key Manager for Jira, it's never been easier to create and manage API keys, making using the REST API of your Jira Cloud instance more secure, and providing immense security gains for you and your team when working in Jira – especially if you use technical integrations.
Now some of you may be wondering: Why would I need this app if I can also use the API tokens in the Atlassian Cloud?
Fair enough! But there are some essential differences between API keys and API tokens. By default, Atlassian tokens are always bound to a user and their rights and therefore inherit all their permissions on every instance. So, any token a user creates has all their rights not only in one instance but in all cloud instances on which the user is authorized.
With API Key Manager for Jira Cloud, you can create API keys that only apply to one specific Jira instance and are limited to the instance where the app is installed.
Use API Key Manager to create keys that support the following features:
All API keys generated with API Key Manager for Jira Cloud are temporary and valid for 30 days by default – after that period they automatically expire and need to be created again. Their limited lifespan allows you better control of how your instance's data can be accessed. In addition, keys can be revoked at any time, so you do not need to wait for their expiration.
You can further explicitly restrict what an API key can do by giving it a list of allowable API REST endpoints. This allows for very specific and single use-cases such as a key for creating a page or for reading only, or a key that can only act in a specific space. Anything is possible and independent of the rights of the person who created the key. It’s totally up to you.
API Key Manager for Jira allows you to pick which HTTP verbs are allowed for each individual key. For creating read-only keys you just create your key as normal and set GET as the only acceptable method. Easy, isn’t it? And yet so powerful!
Since Jira's Cloud REST API diligently uses HTTP verbs, no GET request can manipulate data on your instance.
Keep your Jira instance more secure by using time- and scope-limited API keys instead of usernames and passwords. Get API Key Manager for Jira Cloud now – it’s free for small teams of up to ten users.
Install API Key Management for JiraLooking for safe API Key Management in Confluence? We got you covered here, too - with our API Key Manager for Confluence Cloud.
Check out API Key Management for Confluence