The OAuth 2.0 configuration page in Jira is either missing or blank/empty
プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Fisheye および Crucible は除く
要約
There can be various situations where the Oauth 2.0 configuration page is either missing from the ⚙ > System menu, or it is there but the page can't be open or is blank when clicking on it. This knowledge base article lists all these situations and their known root causes.
Please note that the Oauth 2.0 configuration was moved from the page ⚙ > System > Oauth 2.0 to the page ⚙ > System > Application links from Jira 8.22.0 (or Jira Service Management JSM 4.22.0), therefore this KB article only applies to versions lower than Jira 8.22.0 (or lower than JSM 4.22.0).
環境
- Jira versions 8.10.x-8.21.x / Jira Service Management versions 4.10.x-4.21.x
- Server / Data Center platform
From Jira Software 8.22.x release notes:
We’ve merged the whole OAuth 2.0 functionality into application links. This includes your OAuth 2.0 client integrations that you could previously find in Administration > OAuth 2.0 .
診断
Scenario 1 - The Oauth 2.0 option is missing from ⚙ > System
The Oauth 2.0 option should be located under the Lexorank management option in ⚙ > System. If this option is missing as shown in the screenshot below, then Root cause 1 might apply:
Scenario 2 - When clicking on the Oauth 2.0, the user keeps on being prompted to login as a system administrator
If the Oauth 2.0 option is available, but clicking on it forces the user (who is already an administrator) to re-login as a system administrator, then Root cause 2 might apply:
シナリオ 3
If the Oauth 2.0 option is available, but clicking on it lead to a page showing the security error below, then Root cause 3 might apply:
Due to security risks Oauth 2 is not allowed with an insecure connection. Please ensure that your server is using HTTPS and that your application base URL is configured appropriately
シナリオ 4
If the Oauth 2.0 option is available, but clicking on it leads to a blank/empty page, then either Root Cause 4-a or Root Cause 4-b might apply:
原因
Root causes for Scenario 1
Root Cause 1-a
The Oauth 2.0 integration for incoming mail feature was introduced in Jira 8.10 (or in Service Management 4.10.0), as per the Jira 8.10 release notes. If you are using any lower version of Jira (or Service Management), then it is expected that this option will be missing.
To check which Jira (or Service Management) version you are using, you can go to the page ⚙ > Applications > Versions & Licenses.
Root Cause 1-b
The page where the Oauth 2.0 integration can configured was moved from the page ⚙ > System > Oauth 2.0 to the page ⚙ > Applications > Application Links in Jira 8.22.0. If you are using Jira 8.22.0 or any higher version, then it is expected that you can't find the option Oauth 2.0 listed in ⚙ > System.
Root Cause 1-c
There is a known bug in Jira 8.20.18 that causes this issue. Please check JRASERVER-74885 - Getting issue details... STATUS for details
Root cause for Scenario 2
As explained in the documentation about Jira Global Permissions, there is a difference between what a Jira System Administrator and a Jira Administrator can do and which page can be accessed. The Oauth 2.0 page is only available to Jira System Administrators. So, if the user logged in Jira is only granted the Jira Administrator permission, this user will see the Oauth 2.0 option, but won't be able to open the page.
Root cause for Scenario 3
Jira's Base URL is not configured using an HTTPS URL.
Root causes for Scenario 4
Root Cause 4-1
An add-on is preventing the Oauth 2.0 to be displayed properly. Add-ons which are known to be causing this issue are listed below. Please note that this list is not exhaustive:
- Insight (only the versions 8.5.1 up to 8.6.2)
- Smart Attachments for Jira
One way to confirm that the issue is caused by an add-on is to enter plugin safe mode in ⚙ > Manage Apps > Manage Apps. If the issue goes away, then it's an indication that an add-on is causing the issue.
Root cause 4-b
There is a script configured in the Jira announcement banner which is preventing the Oauth 2.0 page from being displayed properly.
One way to confirm it is to go to ⚙ > System > Announcement Banner, and temporarily delete the banner. If the Oauth 2.0 page displays properly, then it's an indication that there was an invalid script in the banner.
ソリューション
Solution for Scenario 1
Solution for Root Cause 1-a
Upgrade Jira to 8.10.0 or higher (or Service Management to 4.10.0 or higher). For more information on how to perform the upgrade, you can refer to the documentation Upgrading Jira applications.
Solution for Root Cause 1-b
If you are using Jira 8.22.0 or any higher version, to configure the Oauth 2.0 integration, you will need to go to the page ⚙ > Applications > Application Links instead of ⚙ > System > Oauth 2.0. Then, from this page, click on Create link, and select External Application and Outgoing:
Solution for Scenario 2
Grant the user with the Jira System Administrator permission.
Solution for Scenario 3
Configure Jira's Base URL in ⚙ > System > General configuration to an HTTPS URL.
Solution for Scenario 4
- If you identified the Insight add-on to be the root cause, upgrade it to 8.6.3 or any higher version
- If you identified any other add-on to be the root cause, please reach out to the add-on support team for assistance
- If you identified the announcement banner to be the root cause, please keep it removed or fix the script that is causing the issue