I am writing an integration module that uses Atlassian APIs for applications installed at our office (server environment). All use Active Directory Authentication.

I want to leverage OAuth for invoking Atlassian REST APIs on behalf of logged in user (who is one of the administrators) rather than printing admin credentials in a config file. This application will automagically create plans and fork repositories.

The OAuth flow involves that the currently logged in user opens an Atlassian application (say, Jira...) page to authorize a token. Since we need a token for each of the 4 applications, the basic idea suggests to prompt the user 4 times about issuing a new token to the client application.

Question is: is it possible for Atlassian product instances installed in the same domain to share OAuth tokens? E.g. if Confluence grants a token for user John, that token is still valid for Bamboo and BitBucket for user John according to his permissions on the two applications.

Or does John have to click "authorize" on 4 applications?

I would like to make a smooth user experience.