We developed an App that user can grant the access permission to their confluence to us. Once the App is authed, we store the refresh token and access token.
We created a test account that has a single admin user and one test space. The test uses confluence python client 3.41.10 to access the confluence page, like below
from atlassian import Confluence
cf = Confluence(url=confluence_cloud_url, token=access_token)
cf.get_all_pages_from_space(space='TestSpace')
get exception: requests.exceptions.HTTPError: Current user not permitted to use Confluence
The weird thing is: this simple test program worked last week, but suddenly failed this week. Any idea?
Find the solution. When making requests with OAuth 2.0 (3LO) , we need to direct them to api.atlassian.com, not to the personal Atlassian domain. Need to get the cloud id for the personal domain first.
curl --request GET \
--url https://api.atlassian.com/oauth/token/accessible-resources \
--header 'Authorization: Bearer access_token' \
--header 'Accept: application/json'
And get like "id":"bb601347-ea5d-4dbc-901f-ddbf430dd37d".
Then get Confluence space content with url https://api.atlassian.com/ex/confluence/bb601347-ea5d-4dbc-901f-ddbf430dd37d/wiki/rest/api/content
curl --request GET \
--url https://api.atlassian.com/oauth/token/accessible-resources \
--header 'Authorization: Bearer access_token' \
--header 'Accept: application/json'
response:
[{"id":"bb601347-ea5d-4dbc-901f-ddbf430dd37d","url":"https://goo-test.atlassian.net","name":"goo-test","scopes":["read:content:confluence"],"avatarUrl":"https://site-admin-avatar-cdn.prod.public.atl-paas.net/avatars/240/triangle.png"}]%
But
curl --request GET \
--url https://goo-test.atlassian.net/wiki/rest/api/content \
--header 'Authorization: Bearer same_access_token' \
--header 'Accept: application/json'
response:
{"message":"Current user not permitted to use Confluence","statusCode":403}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
any one can help? try curl directly,
curl -D- \ -X GET \ -H "Authorization: Basic access_token" \ -H "Content-Type: application/json" \ "https://<your-domain.atlassian.net>/wiki/rest/api/space"
get:
<!doctype html><html lang="en"><head><title>HTTP Status 401 – Unauthorized</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 401 – Unauthorized</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> Basic Authentication Failure</p><p><b>Description</b> The request has not been applied to the target resource because it lacks valid authentication credentials for that resource.</p><hr class="line" /><h3>Apache Tomcat/9.0.87</h3></body></html>%
If I use the API token, get_all_pages_from_space() works. but not with the access token via OAuth.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.