Atlassian (Jira / Confluence) auth
Under AUTH_RESOLUTION_STRATEGY=http, Jira and Confluence use OAuth On-Behalf-Of (provider types
jira / confluence) with header fallbacks x-datarobot-jira-access-token and
x-datarobot-confluence-access-token. Cloud ID is resolved from
https://api.atlassian.com/oauth/token/accessible-resources.
Under AUTH_RESOLUTION_STRATEGY=config, set credentials on the server:
Personal agents only:
configis for single-user, personal setups. Do not use it on shared or multi-tenant agents—every user would share the same server-side Atlassian and API tokens from env/config.
| Variable | Required | Description |
|---|---|---|
ATLASSIAN_API_TOKEN |
Yes | OAuth access token or Atlassian API token |
ATLASSIAN_EMAIL |
For API tokens | Account email; when set, enables API token Basic auth |
ATLASSIAN_SITE_URL |
With email | Cloud site URL, e.g. https://your-domain.atlassian.net |
Auth mode detection (config only):
ATLASSIAN_EMAILset → API token Basic auth (email:api_token). Cloud ID comes from{ATLASSIAN_SITE_URL}/_edge/tenant_info. REST calls usehttps://api.atlassian.com/ex/jira/{cloudId}/...(or/ex/confluence/{cloudId}/...) withAuthorization: Basic ....ATLASSIAN_EMAILnot set →ATLASSIAN_API_TOKENis treated as a static OAuth access token (Bearer). Cloud ID comes from the OAuth accessible-resources endpoint.
Example (API token for local scripts):