Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Using WGET or another method to download Bamboo shared artifacts (6.10.4+) 

After upgrading to 6.10.4 - not able to download shared artifacts using curl any more.

Previously used -u user:password. Now it stopped working, though no notification about it in Bamboo KB..

Tried using save-cookies method and token as well..

curl -v -H "Authorization: Bearer XXXXXXXXXXXXXXXX" 
> GET /artifact/HTMLAI-HAI1401/shared/build-204/htmlai.war/htmlai.war HTTP/1.1
> Host:
> User-Agent: curl/7.66.0
> Accept: */*
* Mark bundle as not supporting multiuse
< HTTP/1.1 302
< X-ASEN: SEN-11111
< X-Frame-Options: SAMEORIGIN
< X-Content-Type-Options: nosniff
< Location:!doDefault.action?os_destination=%2Fartifact%2FHTMLAI-HAI1401%2Fshared%2Fbuild-204%2Fhtmlai.war%2Fhtmlai.war

curl -v -u 'user:password'
* Server auth using Basic with user 'user'
> GET /artifact/HTMLAI-HAI1401/shared/build-204/htmlai.war/htmlai.war HTTP/1.1
> Host:
> Authorization: Basic XXXXXXXXXXXX
> User-Agent: curl/7.66.0
> Accept: */*
* Mark bundle as not supporting multiuse
< HTTP/1.1 401
< X-ASEN: SEN-111111
< X-Frame-Options: SAMEORIGIN
< X-Content-Type-Options: nosniff

Any suggestions?


1 answer

1 vote

Hi @timofey_shklyarov

Thank you for all the details shared. They are very helpful!


Accessing with user and password (plain text credentials)

According to my tests, on Bamboo 6.10.4, I get the 401 error when using the wrong credentials (incorrect user or password). The reason for your error could be the same or even a different one.

I get the 403 error when the permissions are incorrectly set to allow plan access. Either the user does not have access to the instance through global permissions (could be logged in user's permission) or he does not have access to the project or plan affected.

What I want to say with the above sentences is that I was able to successfully use the old authentication method to download the artifact with curl.


Accessing with a personal access token

I was not able to download the artifact using this method. I just registered a bug about this since I get a successful code when running the curl command but I don't get any file stream.

This is the bug I just opened:


Next steps

  • Can you double-check if you are able to access the artifact through the UI using that pair of user credentials?
  • If you can access that through the UI, would you be able to try running the curl command from the server terminal using its IP to check if it will work when the request comes from the same IP of the server?

I'll wait for your next comments.

Thx Daniel for confirming it should still work!

The restapi user had dollar sign in the password and I couldn't get it working via bash: both -u 'user:pas$word' and -u 'user:pas\$word' didn't work, though previously it was (with \). Seems, it has changed since the Bamboo update.

I changed the password, so that it wouldn't have dollar sign and have it working back!

Hi @timofey_shklyarov

That is really strange. I just ran a test with the in Bamboo 6.10.4 and I was able to get the rest API running with curl just fine.

I created a user called the user with the password pas$word and surrounded those with single quotes.

curl -X GET '<BAMBOO_URL>/browse/<BUILD-KEY>/artifact/shared/artifact/<FILE>' -u 'user:pas$word' 

Possible reasons for the failure:

  • Wrong password typed
  • Login needing captcha
  • Proxy translating the characters and causing trouble
  • Terminal evaluation of single quotes before the command is run
  • ... something else I was not able to grasp ...

If you want to test this again with a new password including $, please let me know.

yes, when I logged in manually, it was asking for captcha

can u pls inform, what's the preconditions for captcha appearing ? 


1. try REST. it fails

2. log in via GUI. first login fails (though I was copypasting creds, couldn't be wrong). next - with captcha successful.

3. try REST again. Fails again..

JFYI for me. anyway no issues now..

Hi @timofey_shklyarov

The definitions for captcha are set in Admin >> Security Settings >> Enable brute force protection option.

Usually, this number is configured to 3 attempts. Please make sure you don't have any other process/script attempting to use rest API with this user. It could cause the captcha to be triggered apparently too soon.

  • Can you share what is the OS and terminal interpreter used?
  • Is the last comment a result of a new test or a recall from the old event?
Like Victor Debone likes this
  • tested it on Fedora31 + bash5
  • last comment was a recall

No issues now. Thanks for the explanation and help!

Like Daniel Santos likes this

Awesome! I'm happy that we could clarify this together!
I hope you enjoy Bamboo now without issues.

Have a good one mate =]

Like timofey_shklyarov likes this

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events