Setup
Get credentials
Go to the Atlassian Developer Console and create an OAuth 2.0 app. Add your redirect URI:https://your-app.com/api/kavach/auth/oauth/callback/atlassian
import { createKavach } from 'kavachos';
import { oauth } from 'kavachos/auth';
import { atlassianProvider } from 'kavachos/auth';
const kavach = await createKavach({
database: { provider: 'sqlite', url: 'kavach.db' },
plugins: [
oauth({
providers: [
atlassianProvider(
process.env.ATLASSIAN_CLIENT_ID!,
process.env.ATLASSIAN_CLIENT_SECRET!,
),
],
}),
],
});
ATLASSIAN_CLIENT_ID=...
ATLASSIAN_CLIENT_SECRET=...
Scopes
Default scopes: read:me, offline_access
| Scope | What it unlocks |
|---|
read:me | Read the user’s profile |
offline_access | Refresh token support |
read:jira-user | Read Jira user info |
read:confluence-user | Read Confluence user info |
Atlassian uses a 3-legged OAuth (3LO) flow. Users grant access per product (Jira, Confluence, etc.). The accessible resources endpoint returns which sites the user has authorized.
Endpoints
| Method | Path | Description |
|---|
| GET | /auth/oauth/authorize/atlassian | Redirect to Atlassian |
| GET | /auth/oauth/callback/atlassian | Handle callback |
