401 – Unauthorized Error When Running Simple Curl Command For Some Users

Ryan January 4, 2021

When trying to run the following curl command:

curl -u user@myorg.edu:password -X GET "https://wiki.myorg.edu/rest/api/content"

 I get the following error message:

HTTP Status 401 – Unauthorized: Basic Authentication Failure - Reason : AUTHENTICATED_FAILED. The request has not been applied because it lacks valid authentication credentials for the target resource

We are using SSO to log in to confluence and and are syncing with AD. This error seems to occur for just one account, but not other accounts (I've only been able to reproduce the error for just the one account). I am able to log into confluence so I can confirm that the credentials are correct.

Unfortunately, I am not an admin and don't have much insight into logs or admin settings.

2 answers

0 votes
WW
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 8, 2021

Generally, when it's only one user having issues it's a permissions problem, whether through the REST API or the UI.  I know it's an error 401, not 404, but it wouldn't hurt to check. 

You mentioned that the user is able to login to Confluence, which I'm assuming means s/he has a license, but can the user access the specific content, not just Confluence, through a browser?

Does the user have permissions to the space in which the content you're trying to pull is located?  Are there any page restrictions that may be limiting that user from accessing the content.

And to ask a stupid question, are the username and password both spelled correctly?

Otherwise, these are the things I see as different from how I do it:

Are you passing a base64 encoded username/password?

Do you use the request header?

X-Atlassian-Token:no-check

Ryan January 8, 2021

Hello,

Yes, permissions issue was my thought as well. I am able to view and edit pages within some spaces that the admin gave it access to within the browser. I believe our admin gave full access to the space, I'll have to wait a few days for him to get back from vacation before I can confirm this (I don't have admin access to change the permissions).

Yes, I did confirm that the username and password are correct. Just to be sure, I copied the password and logged into the browser first and copied it over to the curl command so that I made sure it was the same. We also have some tools that can tell if an account gets locked if there are too many incorrect login attempts, and I can confirm that the account never gets locked with multiple attempts.

I am not passing a base64 encoded username/password. Other accounts that I have used did not require a base64 encoded username/password and they were able to access the api with no issues.

I added X-Atlassian-Token:no-check, but it looks like it did not work.

0 votes
Prince Nyeche
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 4, 2021

Hi @Ryan 

if everything else is correct and this still happens, try logging in on the Browser with the same credential before trying the curl request.

Ryan January 6, 2021

Hi Prince,

I logged in on the browser with the same credentials and retried the curl request, but received the same error.

Prince Nyeche
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 6, 2021

Hi Ryan,

Can you try using Postman with the same code and see if there's any difference? Also if you access that endpoint on a browser, does the content load up?

Ryan January 7, 2021

I still get the same error using Postman. Yes I can see content when I access that endpoint on a browser. The admin was able to give that account full access to some spaces and pages in those spaces, giving the account the ability to read and make edits to pages via the browser.

Prince Nyeche
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 8, 2021

Ah I forgot to ask! Does your instance use 2FA? if so this will never work as it will fall back to authenticating the MFA.

Ryan January 8, 2021

It does use MFA for users, but not for service accounts (which is what this account is).

Ryan January 8, 2021

We also have another environment running confluence, and it seems like the account works in that environment. Not sure why this environment is having issues.

Prince Nyeche
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 11, 2021

Last resort is using a different device and trying the same thing since it works on other environments. if that happens, then most probably something is blocking your access to the endpoint on that device.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events