Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Curl REST API - {"message":"Current user not permitted to use Confluence","statusCode":403}

Senthil Prasanth
Senthil Prasanth January 27, 2022

Hello Experts,

I am recently exploring confluence REST APIs. I was trying examples at https://developer.atlassian.com/server/confluence/confluence-rest-api-examples/

So I created a my free sample Space & Confluence Page at Atlassian cloud https://userid.atlassian.net/

When I tried using curl GET example I am getting 

{
"message": "Current user not permitted to use Confluence",
"statusCode": 403
}

I referred all the examples & Suggestions given at below links but couldn't able to figure out the issue. If you could help me out in understanding and showing me the direction that would be great.

https://community.atlassian.com/t5/Confluence-questions/Confluence-Cloud-REST-API-quot-message-quot-quot-Current-user/qaq-p/1566379

https://community.developer.atlassian.com/t/current-user-not-permitted-to-use-confluence-error-when-getting-app-properties/38472

https://community.developer.atlassian.com/t/401-unauthorized-with-bearer-token-from-oauth/42561

Error step:

C:\Users\sent>curl -D- --ssl-no-revoke -u <userid>:<Api token> -X GET -H "Content-Type: application/json" https://userid.atlassian.net/wiki/rest/api/content/<pageno>
HTTP/1.1 403 Forbidden
Server: AtlassianProxy/1.19.3.1
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
Content-Type: application/json
Strict-Transport-Security: max-age=315360000; includeSubDomains; preload
Date: Thu, 27 Jan 2022 20:28:40 GMT
ATL-TraceId: 08513d1914924ded
expires: Thu, 01 Jan 1970 00:00:00 GMT
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 42
X-Content-Type-Options: nosniff
ATL-Confluence-Via: h:confluence-prod-us-7-3.prod.atl-paas.net
Expect-CT: report-uri="https://web-security-reports.services.atlassian.com/expect-ct-report/global-proxy", enforce, max-age=86400
Connection: Keep-Alive

{"message":"Current user not permitted to use Confluence","statusCode":403}

Answer
Watch
Like Be the first to like this
6145 views

5 answers

2 votes
Art Linkov
Art Linkov April 11, 2022

Hi @Senthil Prasanth

I just faced the same problem, after digging a little bit in the suggested examples by @Pramodh M I found the solution that worked for me.

What you need to do is essentially just add an `Authorization` header with the following format:

`Authorization: Basic <base64 encoded token>`

 

Where the `<base64 encoded token>` should be generated by encoding the following string:

`your_email@domain.com:your_user_api_token` => Base64 encoding => `eW91cl9lbWFpbEBkb21haW4uY29tOnlvdXJfdXNlcl9hcGlfdG9rZW4=`

(Atlassian recommends this site for the encoding https://www.base64encode.net/)

 

Keep in mind, at first I could not make it work too, but then I remembered that my email was changed so I had to generate a new encoded token, following which the API call worked.

 

Hope this helps!

Regards,

Art Linkov

Reply
0 votes
Abdullah Khawer
Abdullah Khawer
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 5, 2024

The Atlassian user should have access to Confluence app, the `View` and `Add` permissions in the space on it and the `Can edit` permission on the page in that space. Also, you need to create an API token as the password won't work. After doing all of this, it worked for me.

Reply
0 votes
Dara O hEidhin
Dara O hEidhin February 5, 2024

This did my nut in until I realised that being logged into multiple Confluence accounts was causing the issue.

I use my company email for day to day and my personal email to test my scripts before I use them in production.

As it turned out, even though I was logged into my personal account in the dev spaces, when I clicked the link from there, in settings, to create an API, the resultant settings page was under the work email. 

Long story short, see if when creating an API key you are logged into the correct account.

Reply
0 votes
Yu Qiu
Yu Qiu
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
December 13, 2023

Same here.. Took 3 hours and cannot find a reason. I am the org owner but I cannot change the permission of a space.

Reply
0 votes
Pramodh M
Pramodh M
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 27, 2022

Hi @Senthil Prasanth 

Did you create a token from here

https://id.atlassian.com/manage-profile/security/api-tokens

And can you navigate to Confluence UI?

Let me know

Thanks

View More Comments
Senthil Prasanth
Senthil Prasanth January 28, 2022

Hello @Pramodh M 

Yes, I created a API token at https://id.atlassian.com/manage-profile/security/api-tokens

  • I could able to login to my Confluence UI and I can able to navigate to Confluence UI
  • Even I can able to get the required content from browser ( Chrome & Edge ) https://userid.atlassian.net/wiki/rest/api/content/<pageno>
  • But when I use a Curl (or) Python script to GET the same content, I get the following error.

{
"message": "Current user not permitted to use Confluence",
"statusCode": 403
}

Thanks in Advance.

Like
Senthil Prasanth
Senthil Prasanth January 31, 2022

Hello Experts,

Could you please assist us here.

Thanks in Advance;

Like
Peng Xi
Peng Xi March 1, 2022

I just found it here. I also encountered a similar problem. The difference is that I can upload successfully using curl, but I try to send about 800m files in GitHub action (I'm waiting for pipeline to update some features to switch to bitbucket)

`{"message":"Current user not permitted to use Confluence","statusCode":403}`

Any suggestions?

Like
Pramodh M
Pramodh M
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
March 1, 2022

Hi @Senthil Prasanth @Peng Xi 

Please follow the format here to successfully call the API

https://developer.atlassian.com/cloud/confluence/rest-api-examples

Like
Senthil Prasanth
Senthil Prasanth March 11, 2022

Hello @Pramodh M 

Thanks for your reply. But I am still facing the same error.

I am following the same procedure as you pointed out. Any help is much appreciated here

Regards,

Senthil Prasanth K 

Like
Jake Porter
Jake Porter January 30, 2023

@Senthil Prasanth make sure you don't forget to replace the "your-domain.atlassian.net" in the url variable with your actual domain... may not be the issue you are having, but i totally missed it

url = "https://your-domain.atlassian.net/wiki/rest/api/content/{id}/child"

Like Chip Morton likes this
MarkusS
MarkusS February 14, 2023

Same problem here, no solution.
I am doing REST calls every day as part of my job.

But I can't make it work with Atlassian :-(

Do I have to enable the API access on my Spaces?

Where do you control if the "Basic User" is allowed to access the requested page via API? Or is a user per sé allowed to access pages via API if he has a token?

 

GET https://<MyDomain>.atlassian.net//wiki/rest/api/content/166662/child

Authorization: Basic {{Atlassian.Basic}}
Content-Type: application/json
HTTP/1.1 403 Forbidden 
{  "message": "Current user not permitted to use Confluence",  
"statusCode": 403 }
Like # people like this
SiDawg
SiDawg May 10, 2023

I got same issue after successfully using the "create page" V2 API's: the code i was referencing (chatgpt!) was adding authorization header with "Bearer [auth string]" in my create attachment code, rather than "Basic [auth string]" like I had been using with the other API's.... Good news is im no longer getting this error: bad news im now getting "no multipart boundary" error but I think after I whip chatGPT a few times it will work :D

Like
SiDawg
SiDawg May 10, 2023

...and yeah, the auth string = Base64(USERNAME + ":" + APITOKEN) where username = your email address and apitoken = from Atlassian site https://id.atlassian.com/manage-profile/security/api-tokens

Like
gabriel.fournier
gabriel.fournier July 26, 2023

Same issue here. I have created a page and now I can't add tags cause of permissions apparently...

Like Yu Qiu likes this
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
TAGS
AUG Leaders

Atlassian Community Events

    See all events