Get Http request "received HTTP status response: 401"

Steven Vits
Contributor
November 5, 2025

I'm trying to set up an HTTP request in an automation rule.

  1. post action to 'https://login.microsoftonline.com/<TenentID>/oauth2/v2.0/token'
  2. creating var: Bearer {{webhookResponse.body.access_token}} seems successful
  3. get action to API with header 'Authorization' with var as a value is returning a 401 response
"Unable to publish the web request - received HTTP status response:
401
Error found in the HTTP body response:
{"error":{"code":"SecurityTokenInvalidSignature","message":"The provided authentication token is not valid, token signature is not properly formatted."}}"
This setup is working fine in Postman but is refusing to work in JSM automation.
Any ideas on what I am overlooking?

3 answers

2 accepted

0 votes
Answer accepted
Steven Vits
Contributor
November 6, 2025

found the issue:

In the post action to get the access token the 'scope' was not correct. It stated graph.microsoft.com instead of service.flow.microsoft.com

thank you all for the needed help and overthinking.

0 votes
Answer accepted
Charlie Misonne
Community Champion
November 5, 2025

Hi Steven,

Are you sure about the "webhookResponse" smart value? I know it exists for Jira Data Center but on Jira Cloud I always use "webResponse".

Here is what I have for the Authorization header.

Bearer {{webResponse.body.access_token}}

+ make sure you check this option on the call where you are requesting the token "Delay execution of subsequent rule actions until we've received a response for this web request"

Steven Vits
Contributor
November 5, 2025

@Charlie Misonne thank you for the suggestion. I will check this first thing tomorrow. As I do get a value in the var I assumed this was correct. It seemed like a newline value JSM was adding to the bearer token.

will keep you posted.

Charlie Misonne
Community Champion
November 5, 2025

And is what you are getting in the variable the expected value?

I'm doing the same, also to trigger a PowerAutomate flow and I did not have to deal with any newlines in the response.

I'm not storing the token in a variable first. I use the smart value directly as Authorization header. Perhaps this can cause a difference.

Screenshot 2025-11-05 205120.png

Steven Vits
Contributor
November 5, 2025

This is what the rule looks like:

getting the access key

001.png

storing the key in a variable and audit log for troubleshooting:

003.png

002.png

And the get action, I also tried with post (also changed in Power Automate of course)

006.png

And the audit log itself:

005.png

Charlie Misonne
Community Champion
November 6, 2025

Hi Steven,

Have you tried using the token logged by the automation rule in postman? Does it work?

My setup is the same except for the initial call to get the token.

In the payload (custom data) I did not URL encode the data. I'm just using this:

grant_type=client_credentials&scope=https://service.flow.microsoft.com//.default

I also noticed your "scope" is different. Not sure what the reason for that is.

An improvement but certainly not related to your issue:

Again in the custom data: I do not provide client_secret and client_id because you cannot encrypt/mask that part in the automation rule.

The endpoint also supports the Authorization header with the value <client_id>:<client_secret> encoded with base 64.

So:

Screenshot 2025-11-06 103026.png

Steven Vits
Contributor
November 6, 2025

found the issue:

In the post action to get the access token the 'scope' was not correct. It stated https://graph.microsoft.com/.default instead of https://service.flow.microsoft.com//.default

thank you all for the needed help and overthinking.

Charlie Misonne
Community Champion
November 6, 2025

Yes, that's what I also found out when comparing our setups.

I remember I had to do a lot of troubleshooting back then when I created this rule.

I'm glad I could help! Please mark the answer as accepted to close off this topic :-)

Steven Vits
Contributor
November 7, 2025

Thank you again, just tested with the base 64 encoded authorization header and it works perfectly. Security boosted! Now finding a way to call a key vault and it would approach perfection.

 

Charlie Misonne
Community Champion
November 7, 2025

Great! I really try to avoid having plain text secrets in the automation rules.

Anyone with permissions to see (or export!) rules will gain access to the values.

When you integrate with key vault let me know! This is something I also planned to do in the future.
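Added example (not part of the thread or of any participant's setup): a Python check for the two points discussed above. It decodes a bearer token's `aud` claim without verifying it and compares it with the resource in the requested scope, flags stray whitespace in the header value, and builds the Basic header for the token request. It assumes `aud` equals the resource part of a `<resource>/.default` scope; the function names and the unsigned sample tokens are constructed for illustration.

```python
import base64
import json

def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def resource_from_scope(scope: str) -> str:
    # Client-credentials scopes have the form "<resource>/.default".
    suffix = "/.default"
    if not scope.endswith(suffix):
        raise ValueError("expected a '<resource>/.default' scope")
    return scope[: -len(suffix)]

def check_bearer(header_value: str, expected_scope: str) -> list[str]:
    """Return a list of problems found in an Authorization header value."""
    problems = []
    clean = header_value.strip()
    if clean != header_value:
        problems.append("header value contains stray whitespace or a newline")
    scheme, _, token = clean.partition(" ")
    if scheme != "Bearer" or token.count(".") != 2:
        return problems + ["not a 'Bearer <header>.<payload>.<signature>' value"]
    # The payload is only decoded for inspection here, NOT signature-verified.
    claims = json.loads(_b64url_decode(token.split(".")[1]))
    want = resource_from_scope(expected_scope).rstrip("/")
    got = str(claims.get("aud", "")).rstrip("/")
    if got != want:
        problems.append(f"aud is {got!r}, target API expects {want!r}")
    return problems

def basic_client_auth(client_id: str, client_secret: str) -> str:
    # Header for the token request: base64("<client_id>:<client_secret>").
    raw = f"{client_id}:{client_secret}".encode()
    return "Basic " + base64.b64encode(raw).decode()

def make_sample_token(aud: str) -> str:
    # Constructed, unsigned sample token for offline use; not a real credential.
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).decode().rstrip("=")
    return f"{enc({'alg': 'none'})}.{enc({'aud': aud})}.sig"

FLOW_SCOPE = "https://service.flow.microsoft.com//.default"

if __name__ == "__main__":
    for aud in ("https://graph.microsoft.com", "https://service.flow.microsoft.com/"):
        print(aud, check_bearer("Bearer " + make_sample_token(aud), FLOW_SCOPE))
```

Running the same check on the token written to the audit log shows whether the token or the way the header is assembled is at fault, before the request is replayed anywhere else.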
0 votes
Marc -Devoteam-
Rising Star
November 5, 2025

Hi @Steven Vits 

As you are making a call to a Microsoft endpoint, this is providing the 401, not the automation rule in Jira.

So the authorization towards MS is not working.

It also states this in the error "The provided authentication token is not valid, token signature is not properly formatted"

Check what authorization is needed at the MS side?

Also to get a token from MS, you first need to be logged in on the MS side, to get an oauth token.

The call you are making is not authorized, with the provided credentials in the post action.

 

Steven Vits
Contributor
November 5, 2025

@Marc -Devoteam- , thanks for the reply, the first post action to Microsoft is successful and I do get a reply. Also using Postman all is working like it should be.

The second HTTP action should start a Power Automate flow with the auth token from the app registration.

Marc -Devoteam-
Rising Star
November 6, 2025

Hi @Steven Vits 

Have you provided the right headers in the web request in the automation rule?

Postman has many headers set by default, but the web request action does not. Are the right headers provided to make the call to the MS endpoint?

DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin