Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira rest api call fails

Kalidoss M
Kalidoss M
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 24, 2019

Jira rest api (version 3) calls made using OAuth 2.0 fail. It worked for sometime with a new token then started failing. Regenerated the auth code and token but still fails. calls made with basic auth work fine. The problem is only while using OAuth 2.0.

status code: 401

error: 'Client must be authenticated to access this resource.'

Answer
Watch
Like Be the first to like this
932 views

2 answers

0 votes
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 27, 2019

@Kalidoss M 

I have just seen your reply to the Support ticket:

I am using OAuth 2.0. i am able to generate Authorization code through
browser but unable to generate it through my webservice since it requires
atlassian user to login & click "Accept" button in order to generate
Authorization code and redirect the site with Authorization code.

Unfortunately there is no UI component in my application (Only APIs). So
trying to find out a way to get the Authorization code without having to
click "Accept" button.

 

If this is the case then, as written on the top of the OAuth 2.0 (3LO) for apps documentation page, you should not be using Oauth 2.0 but Oauth 1.0:

Which authentication method should I use?

 

This is because, as written in the same documentation page, the first step for implementing Oauth 2 is to implement the code to Direct the user to the authorization URL to get an authorization code. The user will then log in (if not logged in already) and grant access from the browser, etc etc. 

 

I hope this helps.

 

Cheers,
Dario

View More Comments
Kalidoss M
Kalidoss M
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 27, 2019

Hey @Dario B,

Thanks for helping me out with this, I appreciate your effort. Now I am clear that I can't use OAuth 2.0 in my use case since it requires user authorisation every time we request for authorisation code. May I know if I can use OAuth 1.0? or does OAuth 1.0 also require user authorisation all the time?

If OAuth 1.0 also doesn't work for me then I will have to go with basic auth.

Thanks,

Kalidoss M

Like Dario B likes this
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 27, 2019

Hi @Kalidoss M ,

As mentioned in the already provided documentation, in your scenario you should be able to use OAuth 1.0a.

Otherwise, as you mentioned, another option would be indeed to use basic authentication with API Token

 

Please click on both links, review both documentation pages and choose the one that fits best your needs.

 

Cheers,
Dario

Like Kalidoss M likes this
Reply
0 votes
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 27, 2019

Hello @Kalidoss M ,

First of all, welcome to the Atlassian Community!

Then, before going any further, I can see that you already opened a support request for this issue. However, for the future, please notice that neither here nor there is the best place to get help on development related issues and that you should refer instead to the resources listed in:

Specifically:

 

 

Once this has been said, I can see that in the screenshot you attached to the support there is a section named "INFORMATION FOR THE OWNER OF [APP_NAME]". Can you kindly expand that section and let us know what is written in there?

Something-went-wrong.png

 

I am asking for this since on the top of the OAuth 2.0 (3LO) for apps documentation page I can read:

This functionality is currently in developer preview. During the developer preview, grants can only be authorized from the developer's account (that is, by the owner of the app). We are now in beta for the public distribution of apps - see ACJIRA-1588 for updates.

 

And in the last comments on ACJIRA-1588:

[...]
When you create a new 3LO app, it is accessible only by the owner (or app creator). To be able to test it out with multiple users, we need to enable your account to publicly distribute the app first, since this feature is still in beta. You can do the above by raising a ticket in this service desk and we will take care of it from there.
[...]

 

Therefore, it can actually be the case that this is something  known/expected but we need more information in order to whether confirm or deny.

 

Cheers,
Dario

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security