Noticed while testing some other stuff. If you use an access key, JIRA issue validation doesn't work because the oauth connectivity doesn't work (I guess there's no real user?)
You get an URL to authenticate with, but even though the new oauth token can appear in JIRA's profile list, it doesn't actually work. There's no traffic to JIRA in that case; the CredentialsRequiredException is thrown too early. This is possibly a bug in Stash, although its a bit of an edge case.
Note that this has never worked; in the current release version using an access key gives a NullPointerException on username validation....
Options would be to skip the JIRA checks for access key users entirely, raise a bug with Atlassian for Stash to allow access key users to have working oauth tokens, and/or work out what the API is that Stash uses for the new automated state transitions and connect as a trusted user. the latter is probably an internal API requring a newer JIRA version.
Raising for tracking; I have no plans to work on this.