Previously, to access Zephyr for Jira Cloud REST API you had to install an additional plugin (ZAPI). As of August 2020, the API is available out-of-the-box, and the ZAPI plugin is no longer needed.
The API provides the following capabilities:
Get information about users, projects, releases, tests, execution cycles.
Create new tests and test execution cycles.
Update tests, test execution status.
Add attachments to existing execution cycles.
Run ZQL queries and retrieve search results.
The base URL for API calls is:
POST /public/rest/api/1.0/attachment means a POST request to
The API uses JWT tokens for authentication. All requests must include the following headers:
zapiAccessKey: YOUR_ACCESS_KEY Authorization: JWT GENERATED_JWT_TOKEN
YOUR_ACCESS_KEY is the access key found in the API Keys section of Zephyr for Jira Cloud.
GENERATED_JWT_TOKEN is the JWT token generated for this specific request. To learn how to generate JWT tokens, see this page.
JWT tokens are generated using several pieces of information, including the API endpoint you want to call, and query parameters (if any). This means that to call multiple different endpoints or call the same endpoint but with different query parameters you must generate a new JWT token for each API call.
Most operations that accept a request body expect it in the JSON format.
POST and PUT request containing a JSON request body must include the
1,000 requests per hour.
24,000 requests per day.
There are pagination limits.
Encoding affects status character counts.