Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Issue with bamboo api calls

When we are trying to make api calls to bamboo we get the following response


curl -k 'https://bambooxxxxxxx/rest/api/latest/deploy/project/all' -u username:password


<title>Internal server error</title>
<meta name="decorator" content="install" />

<h1>Internal server error</h1>

<h4>Go to...</h4>
<li><a href="/">Site homepage</a></li>
A system error has occurred - our apologies!
Please create a problem report on our <b>support system</b> at <a href=""></a> with the following information:
<ol class="standard">
<li>a description of your problem and what you were doing at the time it occurred
<li>cut &amp; paste the error and system information found below
<li>attach the <strong>atlassian-bamboo.log</strong> log file found in your application home.
We will respond as promptly as possible.<br/>Thank you!

<b>Version:</b> 6.9.1<br>
<b>Build:</b> 60910<br>
<b>Build Date:</b> 04 Jun 2019

<h4>Request information:</h4>
<ul class="standard">
<li>Request URL: https://bambooxxxxxx/500.action</li>
<li>Scheme: https</li>
<li>Port: 443</li>
<li>URI: /500.action</li>
<li>Context path: </li>
<li>Servlet path: /500.action</li>
<li>Path info: </li>
<li>Query string: </li>

<b>Stack Trace:</b>


java.lang.IllegalStateException: XSRF: A mutative operation was attempted on InternalMembership within a non-mutative HTTP request: https://bambooxxxxx/rest/api/latest/deploy/ : [null]-&gt;
-&gt;[[386695185, 328237456, GROUP_USER, GROUP, KeyLight_Access, keylight_access, , 2021-01-21 11:20:59.162,$HibernateProxy$xJR7flyF@4db106e7[lowerName=crowd repository,description=


1 answer

This seems to be related to an XSRF bug that has by chance just been fixed and published in Bamboo 7.2.2 yesterday:

If you are unable to upgrade to Bamboo 7.2.2 right away, the issue lists two workarounds:

Workaround 1

Use Personal Access Tokens to authenticate with the API instead:

Workaround 2

Login as the user via the UI so that updates are performed. REST calls will now work until theres another change to the user or their group membership.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bamboo

Bamboo 9.0 is now available

Hey there, Data Center community! I'm Martyna Wojtas and I am the Product Manager for Bamboo Data Center. I’m excited to share that Bamboo 9.0 is now available. We purpose-built this platform to help...

310 views 0 7
Read article

Atlassian Community Events