Creating cookie based authentication for REST API using PAT tokens

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

This page shows you how to create cookie-based authentication sessions using Personal Access Tokens.

Environment

  • Jira Core 8.14 and later

  • Jira Software 8.14 and later

  • Jira Service Management 4.15 and later

Solution

  1. Disable session invalidation by adding the JVM param below.⚠️ It'll affect the behavior of PAT in the entire instance:

1 -Datlassian.pats.invalidate.session.enabled=false

2. Create the session request. e.g using cURL:

1 curl -c cookiefile -H 'Authorization: Bearer PAT_TOKEN' <JIRA_URL>/rest/auth/1/session -s -o /dev/null -w "%{http_code}"; echo;

ℹ️ Replace PAT_TOKEN with the PAT token created and <JIRA_URL> with the Jira URL.

Updated on April 2, 2025
Platform
Data Center only
Product
Jira Software Data Center
On this pageSummarySolution

Still need help?

The Atlassian Community is here for you.
Ask the Community