Forum Discussion

FcoSan's avatar
FcoSan
New Contributor
3 years ago

Try to authentificate with JWT

Hello,

I am trying authentificate to Zephyr by JWT token.

Request url:

https://prod-play.zephyr4jiracloud.com/connect/public/rest/api/1.0/config/generalinformation

 

Documentation:

https://zfjcloud.docs.apiary.io/#reference/cycle/creates-new-cycle/get-addon-info

 

Headers:

Authorization: JWT <JWT_TOKEN>

zapiAccessKey: <ACCESS_KEY>

Content-type: application/json

 

I have performed all the steps that are discussed in this post to generate the JWT Token:

https://support.smartbear.com/zephyr-squad-cloud/docs/api/jwt-token.html?sbsearch=JWT%20Token%20based%20APIs

Also in this one too:

https://support.smartbear.com/zephyr-squad-cloud/docs/test-automation/api.html

 

I am able to generate the token in both ways, via postman or with the zapi-cloud.git. But when I do a request with postman I always get a 401 error and this message:

 

 

 

 

 

 

Expecting claim 'qsh' to have value '7f0d00c2c7*****************42d4b84374' but instead it has the value '9a826e393c52fc74522e694b**************de592e'

 

 

 

 

 

 

 

Every time I try to launch the request again I generate a new JWT, But same result.

What do I need to be able to connect correctly with Zephyr?

I need to connect with Zephyr to be able to change the states of the tests that I have created in Zpehyr

Thanks

 

3 Replies

  • Hi, this community is dead, zero support by the smartbear team, but, may be this can help you:

     

    the Automation API and REST API authenticate differently,

     

    for Automation API as simple as:

    Generate JWT Token

    https://prod-vortexapi.zephyr4jiracloud.com/api/v1/jwt/generate

    https://support.smartbear.com/zephyr-squad-cloud/docs/test-automation/api.html

     

    but for REST API you need to generate the qsh, etc, take a look:

    https://developer.atlassian.com/cloud/jira/platform/understanding-jwt-for-connect-apps/

     

    if your using nodeJS here is an example:

     

     

    const method = 'GET';
    const url =
    `https://prod-api.zephyr4jiracloud.com/connect/public/rest/api/1.0/teststep/${issueId}?projectId=${zephyr.credentials.projectKey}`;
    ;
    
    generateJWT: async function(method, url) {
    
    const now = moment().utc();
    
    const req = jwt.fromMethodAndUrl(method, url);
    
    const tokenData = {
    "iss": zephyr.credentials.accessKey,
    "iat": now.unix(), // The time the token is generated
    "exp": now.add(3, 'minutes').unix(), // Token expiry time (recommend 3 minutes after issuing)
    "qsh": jwt.createQueryStringHash(req, false, 'https://prod-api.zephyr4jiracloud.com/connect'), // [Query String Hash](https://developer.atlassian.com/cloud/jira/platform/understanding-jwt/#a-name-qsh-a-creating-a-query-string-hash)
    "sub": '' // Your people ID https://********.atlassian.net/people/5bb7ad0ccc53fd0760103780
    };
    
    const secret = zephyr.credentials.secretKey;
    
    const token = jwt.encodeSymmetric(tokenData, secret);
    
    return `JWT ${token}`;
    
    },