Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Query to JIRA rest api with JWT returns empty json

Andreas Kunter
Andreas Kunter January 25, 2016

Hello all,

we are having trouble querying the JIRA rest api with JWT authentication (from an addon for JIRA Cloud which we created). When we started integrating, we received a couple of error message, which we fixed fast. So we would expect, if there is still something wrong with the call (i.e. canonical query string hash, JWT format, rights), we would get more.

Fact is, we do a call like

GET&/rest/api/2/project&

and receive

[]

So it looks like an empty JSON. We have multiple projects in the cloud instance we query (we can query rest API for this instance via classic user authentication), so this should not be empty.

Some other noteworthy information:

Anyone got an idea what the reason is for this? Or is there any place to look in JIRA Cloud for failed api calls?

 

Watch
Like # people like this
2131 views

6 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

0 votes
jmls
jmls December 12, 2016

After reading this thread it seems that it is possible to to authenticate a rest request to the JIRA api  - would anyone have some sample config / instructions on how to implement this ?

View More Comments
Andreas Kunter
Andreas Kunter December 12, 2016

The API guide can be found here:

https://docs.atlassian.com/jira/REST/cloud/

The authentication process links can be found there, too.

Some examples:

https://developer.atlassian.com/jiradev/jira-apis/jira-rest-apis/jira-rest-api-tutorials

 

Like
Reply
0 votes
Andreas Kunter
Andreas Kunter January 27, 2016

Nevermind, we figured it out. Problem was, when creating the canonical query string we also included POST params, this caused a 401 error on the JIRA side.

Thanks all for your help, now all api calls run smoothly.

Reply
0 votes
Andreas Kunter
Andreas Kunter January 27, 2016

You are partly right, Mark. Descriptor declaration for these flags is as follows:

"authentication": {
  "type": "jwt"
},
"scopes": [
  "read", "write"
],

This should be sufficient for querying Projects list.

We were able to solve our problem in the first place now. As of the documentation, you need to place the JWT token in an Authentication header, which we did. And according to what you said (that you get an empty JSON object if you are not logged it) we thought it might be an authorisation problem. Attaching the jwt parameter to the URL worked out. Now we are able to query the API with the JWT authentication.

BUT: it only works when doing GET requests. If you are doing POST the results are strange:

  • placing the JWT parameter as a POST variable gives the response "Unrecognized field "jwt" (Class com.atlassian.jira.rest.v2.search.SearchRequestBean), not marked as ignorable..."
  • placing the JWT parameter in the URL gives a 401 Unauthorised

So how are we supposed to place the JWT token in the request when doing POST requests?

 

Reply
0 votes
Andreas Kunter
Andreas Kunter January 27, 2016

There is no addon user. If you use JWT, authentication is done via token, not user credentials. So the rights you have on certain objects in JIRA through API calls via JWT is dependant on scope declaration in the JSON addon descriptor.

But thanks for your suggestion.

Reply
0 votes
Robert Massaioli _Atlassian_
Robert Massaioli _Atlassian_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 26, 2016

What level of permissions does each project require in order to view them? Ensure that the add-on user has the permissions required to view the projects since if that user cannot see the project you will get an empty result.

Reply
0 votes
Mark L. Smith
Mark L. Smith
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 25, 2016

What is the value of scopes and authentication in your Connect descriptor (atlassian-connect.json) file?

Notice that you get an empty JSON array if you access /rest/api/2/project when you are not logged in:

It could be that you don't have the proper access setup in your Connect descriptor.

 

Reply

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

Atlassian logo
Answers Developer Questions
TAGS
AUG Leaders

Atlassian Community Events

    See all events