Current user not permitted to use Confluence

We developed an App that user can grant the access permission to their confluence to us. Once the App is authed, we store the refresh token and access token.

We created a test account that has a single admin user and one test space. The test uses confluence python client 3.41.10 to access the confluence page, like below

from atlassian import Confluence

cf = Confluence(url=confluence_cloud_url, token=access_token)

cf.get_all_pages_from_space(space='TestSpace')

get exception: requests.exceptions.HTTPError: Current user not permitted to use Confluence

The weird thing is: this simple test program worked last week, but suddenly failed this week. Any idea?

3 answers

1 accepted

1 vote

Answer accepted

Find the solution. When making requests with OAuth 2.0 (3LO) , we need to direct them to api.atlassian.com, not to the personal Atlassian domain. Need to get the cloud id for the personal domain first.

curl --request GET \

--url https://api.atlassian.com/oauth/token/accessible-resources \

--header 'Authorization: Bearer access_token' \

--header 'Accept: application/json'

And get like "id":"bb601347-ea5d-4dbc-901f-ddbf430dd37d".

Then get Confluence space content with url https://api.atlassian.com/ex/confluence/bb601347-ea5d-4dbc-901f-ddbf430dd37d/wiki/rest/api/content

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

curl --request GET \
--url https://api.atlassian.com/oauth/token/accessible-resources \
--header 'Authorization: Bearer access_token' \
--header 'Accept: application/json'

response:

[{"id":"bb601347-ea5d-4dbc-901f-ddbf430dd37d","url":"https://goo-test.atlassian.net","name":"goo-test","scopes":["read:content:confluence"],"avatarUrl":"https://site-admin-avatar-cdn.prod.public.atl-paas.net/avatars/240/triangle.png"}]%

But

curl --request GET \
--url https://goo-test.atlassian.net/wiki/rest/api/content \
--header 'Authorization: Bearer same_access_token' \
--header 'Accept: application/json'

response:

{"message":"Current user not permitted to use Confluence","statusCode":403}

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

any one can help? try curl directly,

curl -D- \ -X GET \ -H "Authorization: Basic access_token" \ -H "Content-Type: application/json" \ "https://<your-domain.atlassian.net>/wiki/rest/api/space"

get:

<!doctype html><html lang="en"><head><title>HTTP Status 401 – Unauthorized</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 401 – Unauthorized</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> Basic Authentication Failure</p><p><b>Description</b> The request has not been applied to the target resource because it lacks valid authentication credentials for that resource.</p><hr class="line" /><h3>Apache Tomcat/9.0.87</h3></body></html>%

If I use the API token, get_all_pages_from_space() works. but not with the access token via OAuth.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Suggest an answer

Was this helpful?

Thanks!

Confluence

DEPLOYMENT TYPE

CLOUD

PRODUCT PLAN

FREE

PERMISSIONS LEVEL

Product Admin

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Current user not permitted to use Confluence

3 answers

1 accepted

Suggest an answer

Was this helpful?

Thanks!

DEPLOYMENT TYPE

PRODUCT PLAN

PERMISSIONS LEVEL

TAGS

Atlassian Community Events