Reg secured iparams in frontend React JS application

Gopi · March 31, 2023, 4:41am

Hi Team,

I am writing to seek your advice on a technical issue that I have been facing with using the Jira API token in my web application. Currently, I am using the following code to make API calls from the frontend:
headers: {
Authorization: Basic ${btoa( ${iparam.jiraUserEmail}:${iparam.jiraApiToken} )},
“Content-Type”: “application/json”,
},

However, I am finding it difficult to securely store the jiraApiToken in the iparams and still be able to use it in the above code. I have also tried the following code, but it did not work:

headers: {
Authorization: Basic ${btoa( ${iparam.jiraUserEmail}:<%= iparam.jiraApiToken %> )},
“Content-Type”: “application/json”,
},

I would greatly appreciate any suggestions or solutions you may have regarding this matter. Thank you for your time and assistance.

Thanks & Regards,
Gopi

kaustavdm · April 3, 2023, 5:51am

Assuming you are using Request Method, and you have iparams set up correctly, can you try changing the Authorization header to:

"Authorization": "Basic <%= encode(iparam.JiraUserEmail + ':' + iparam.jiraApiToken) %>"

Note that you cannot fetch secure iparams from a frontend app. You can templatise the iparams as I have shown above if you use Request Method. If you don’t use Request Method, then you will have to create a SMI function and access the secure iparams from there.

system · July 2, 2023, 5:52am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.