Hi champs
I am trying to create issue through Postman and later on using my program. I am able to read details but not able to write back/create issue. Since I am doing POC, currently using free plan.
I am getting 403 - Forbidden on POST call. There is no option to enable it.
Thanks,
I tried this option but getting same error with this header too. Let me answer your questions here.
http://xxxxxx.atlassian.net/rest/api/3/issue
{
"fields": {
"projects": {
"key": "TES"
},
"summary": "create issue",
"issueType": {
"name": "Task",
"subtask": false
},
"priority": {
"name": "Medium"
}
}
}
3. Yes, I am using same instance and last attempt 6.25 PM IST ( GMT+5.30)
Hello @Santosh Ojha ,
The body you are sending with your request has some typos. If I use it I get error 400 in return because:
After correcting above properties I am able to successfully run the REST call:
curl -u <EMAIL-ADDRESS>:<API-TOKEN> -D- -H 'Accept: application/json' -H 'Content-Type: application/json' --data '{"fields":{"project":{"key":"TKPF"},"summary":"create issue","issuetype":{"name":"Task","subtask":false},"priority":{"name":"Medium"}}}' -X POST "https://XXX.atlassian.net/rest/api/3/issue"
HTTP/2 201
server: AtlassianProxy/1.15.8.1
cache-control: no-cache, no-store, no-transform
content-type: application/json;charset=UTF-8
strict-transport-security: max-age=315360000; includeSubDomains; preload
date: Wed, 17 Jun 2020 16:46:05 GMT
[...]
{"id":"10002","key":"TKPF-3","self":"https://XXX.atlassian.net/rest/api/3/issue/10002"}
Can you kindly run below request using Curl (replace <EMAIL-ADDRESS> and <API-TOKEN> with the correct values) and paste the output of the command in here like I did above?
curl -u <EMAIL-ADDRESS>:<API-TOKEN> -D- -H 'Accept: application/json' -H 'Content-Type: application/json' --data '{"fields":{"project":{"key":"TES"},"summary":"create issue","issuetype":{"name":"Task","subtask":false},"priority":{"name":"Medium"}}}' -X POST "http://bhoran.atlassian.net/rest/api/3/issue"
Cheers,
Dario
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Also, in the logs I can see:
2020-06-17 14:56:39.839WARNcom.atlassian.plugins.rest.common.security.jersey.XsrfResourceFilterUse of the 'nocheck' value for X-Atlassian-Token has been deprecated since rest 3.0.0. Please use a value of 'no-check' instead.
2020-06-17 14:56:39.841WARNcom.atlassian.plugins.rest.common.security.jersey.XsrfResourceFilterAdditional XSRF checks failed for request: https://bhoran.atlassian.net/rest/api/3/issue , origin: null , referrer: null , credentials in request: true , allowed via CORS: false
Apparently there is a typo in here as well: in the header you should use "no-check" instead of "nocheck".
This was also mentioned in the already provided KB to solve this issue:
Resolution
To call protected APIs from external systems you can add the
X-Atlassian-Token
header to each request, setting the value tono-check
. Adding this header to a request bypasses the server-side XSRF check and allows the request to be fulfilled.
So, to summarize:
Cheers,
Dario
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Santosh Ojha ,
Welcome to the Atlassian Community!
I am able to create issues via REST API in my free instance without any problem:
In the ticket you previously created I can read that you are able to send the same call to your Jira Server instance while you get 403 in Cloud.
If that's the case, then:
Cheers,
Dario
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Dario B I tried couple of days back and will try again today to check. As I mentioned before, get request is going successful but 403 is there on POST only.
Will check this again and update.
I tried but no luck. Do you need to pass anything other than Authorization and content-type in header ? I tried on V2 as well but no luck.
Any setting need to be enable in cloud profile or project setting ?
It is working fine in local setup.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Santosh Ojha ,
In the provided screenshot I can see that the error returned is actually XSRF check failed. In this case you may want to check below KB:
In case above KB does not work please answer the question I asked in my previous post.
Cheers,
Dario
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you buddies for your all guidance and help. It was very basic error. I was using http instead of https. After change, I started getting 400 and it worked after input correction.
"X-Atlassian-Token: no-check" is not required if user use is not admin.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You are welcome @Santosh Ojha , happy to know the issue is solved! :)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.