Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Issue with bamboo api calls

When we are trying to make api calls to bamboo we get the following response


curl -k 'https://bambooxxxxxxx/rest/api/latest/deploy/project/all' -u username:password


<title>Internal server error</title>
<meta name="decorator" content="install" />

<h1>Internal server error</h1>

<h4>Go to...</h4>
<li><a href="/">Site homepage</a></li>
A system error has occurred - our apologies!
Please create a problem report on our <b>support system</b> at <a href=""></a> with the following information:
<ol class="standard">
<li>a description of your problem and what you were doing at the time it occurred
<li>cut &amp; paste the error and system information found below
<li>attach the <strong>atlassian-bamboo.log</strong> log file found in your application home.
We will respond as promptly as possible.<br/>Thank you!

<b>Version:</b> 6.9.1<br>
<b>Build:</b> 60910<br>
<b>Build Date:</b> 04 Jun 2019

<h4>Request information:</h4>
<ul class="standard">
<li>Request URL: https://bambooxxxxxx/500.action</li>
<li>Scheme: https</li>
<li>Port: 443</li>
<li>URI: /500.action</li>
<li>Context path: </li>
<li>Servlet path: /500.action</li>
<li>Path info: </li>
<li>Query string: </li>

<b>Stack Trace:</b>


java.lang.IllegalStateException: XSRF: A mutative operation was attempted on InternalMembership within a non-mutative HTTP request: https://bambooxxxxx/rest/api/latest/deploy/ : [null]-&gt;
-&gt;[[386695185, 328237456, GROUP_USER, GROUP, KeyLight_Access, keylight_access, , 2021-01-21 11:20:59.162,$HibernateProxy$xJR7flyF@4db106e7[lowerName=crowd repository,description=


1 answer

This seems to be related to an XSRF bug that has by chance just been fixed and published in Bamboo 7.2.2 yesterday:

If you are unable to upgrade to Bamboo 7.2.2 right away, the issue lists two workarounds:

Workaround 1

Use Personal Access Tokens to authenticate with the API instead:

Workaround 2

Login as the user via the UI so that updates are performed. REST calls will now work until theres another change to the user or their group membership.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bamboo

Bamboo Data Center 8.1 is now available

G’day Bamboo customers, Bamboo DC 8.1 is now available with it the following features and programs: SAML 2.0, OpenID Connect, and Crowd SSO In order to help admins with a simplified user manage...

171 views 0 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you