Community
Q&A
Confluence
Questions
A service account wants to access a space but gets a 403 error

A service account wants to access a space but gets a 403 error

I created a service account in atlassion admin and added it to confluence admin and user groups. ALso gave it access to specific spaces in confluence. But when accessing these space it gave an error message: {"statusCode":403,"message":"com.atlassian.confluence.mvc.rest.common.exception.StacklessResponseStatusException: 403 FORBIDDEN \"Request rejected because caller cannot access Confluence\""}
HTTP 403

2 answers

1 vote

Hi Steve,

At first the Atlassian service account only works in api with url starting with api.atlassian.com.

In api documents its shows as OAuthy2 connection but it will be used for all scoped tokens

Besides that You could check the API Token Scope Permission.

I found out that the granular scope of the API token don't work properly and a few scopes could be missing in documentation.

So, I recommend using the classic scope to read or write.

And in the features, like assets, that don't have classic scope, you could select all granular items for read or for write simulating the classic behavior.

Regards.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Thanks, we'll try changing the url!

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi @Steven Chau

I found this article in Community.

It could be help you.

https://community.atlassian.com/forums/Jira-questions/Jira-API-with-Basic-Auth-and-Service-Account/qaq-p/3119645

Regards.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

Hello @Steven Chau

Welcome to the Atlassian community.

How did you create this service account? Did you create it like a "normal" user account that can login to the UI? Did you create it though the Admin hub through Directory > Service Accounts? I think from your description you mean the latter.

Are you trying to use this account to programmatically access Confluence? If so, how are you authenticating the account? Did you generate a token for the account? Is it an OAuth token or an API token? Can you provide more details about how you are trying to use the account?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi, thanks for your reply.

I created the Service Account through the Admin hub in Service Accounts with an API-token.

My colleague used commands with these urls:

"https://<tenant>.atlassian.net/wiki/rest/api/user/current"
"https://<tenant>.atlassian.net/wiki/rest/api/space/TC"

And got the 403 errors.

Also it's strange that I added de Service account to the user and admin groups for confluence, but I can't find the account in the Confluence groups under users. Not sure if that's related to the problem.

Sorry for my non-technical description of the problem. Normally I do more business analyst work on the user side of applications.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Suggest an answer

Was this helpful?

Thanks!

Confluence

DEPLOYMENT TYPE

CLOUD

PRODUCT PLAN

STANDARD

PERMISSIONS LEVEL

Product Admin

Forums

Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

A service account wants to access a space but gets a 403 error

2 answers

Suggest an answer

Was this helpful?

Thanks!

DEPLOYMENT TYPE

PRODUCT PLAN

PERMISSIONS LEVEL

TAGS

Atlassian Community Events