Hi,
API token-based Basic authentication works correctly for all Confluence REST API endpoints EXCEPT the /download/attachments/ endpoint, which consistently returns HTTP 401 Unauthorized.
**Observed Behavior**
The following REST API calls succeed with Basic Auth (email + API token):
- GET /wiki/rest/api/content/{pageId} — returns page data ✓
- GET /wiki/rest/api/content/{pageId}/child/page — returns child pages ✓
- GET /wiki/rest/api/content/{pageId}/child/attachment — returns attachment metadata including download URLs ✓
However, when using the download URL returned by the attachment metadata API (e.g. /wiki/download/attachments/{pageId}/{filename}?version=1&...), the same Basic Auth credentials return:
HTTP 401 Unauthorized
The attachment metadata API itself confirms the file exists and returns a valid download URL. The credentials are correct — they work on all other endpoints in the same session.
**Questions**
1. Is Basic Auth intentionally disabled for the /download/attachments/ endpoint on Confluence Cloud?
2. If so, is there a supported REST API alternative endpoint for downloading attachment content using API token authentication?
3. Is this restriction documented anywhere? I was unable to find any reference to this in the Confluence Cloud REST API documentation.
Any guidance or a supported alternative approach would be greatly appreciated.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.