Error 401 when attempting to log in to confluence using rest api

Chris Cilino July 30, 2019

I've tried just about everything. But I'm unable to log into the confluence server via the rest api with my credentials. I'm using a user name:api token and encoded it to base 64 per the instructions you see here:

https://developer.atlassian.com/cloud/confluence/basic-auth-for-rest-apis/

 

but i keep getting error 401

 

Basic Authentication Failure - Reason : com.atlassian.crowd.exception.FailedAuthenticationException: com.atlassian.crowd.exception.InvalidAuthenticationException: Invalid credentials</p><p>Description The request has not been applied because it lacks valid authentication credentials for the target resource.</p><hr class="line" /><h3>Apache Tomcat/7.0.91</h3></body></html>

 

What's worse is that when I go to the token management page the token says "never accessed". 

 

I know atlassian can find my account (because if I put a typo in my email address i get an error saying the account couldn't be found). My base url is https://<domain>.atlassian.net/wiki where <domain> is the name of my company.

 

I'm simply trying to execute  https://<domain>.atlassian.net/wiki/rest/api/content. When I manually log in and type in https://<domain>.atlassian.net/wiki/rest/api/content I successfully get the Json string i'm expecting.

 

 

Oh and I'm using the cloud version.

5 answers

2 accepted

0 votes
Answer accepted
Warren
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 31, 2019

Hi @Chris Cilino 

Have you tried to do the same thing via Postman (online or via app)? This isolates whether the problem is with your code or the authentication process, so can be useful.

Another option is to show more of your code here, because I've often seen people using the incorrect settings or missing a setting.

0 votes
Answer accepted
Kris G _Alacriz_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 31, 2019

Looks like you are using a username for credentials. Can you try with your email as user ? 

Christopher Cilino
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 31, 2019

I’m actually using my email address. As i mentioned, atlassian is able to find my account because if i introduce a typo into my email address atlassian returns an error saying the account couldn’t be found. 

0 votes
Kelly Maurice March 20, 2024

II answered this by accident. I'm really trying to ask a question. It won't let me delete it or I would.

0 votes
Lukasz Grobelny
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 22, 2022

If anyone needs it in Java I can share the code

0 votes
Chris Cilino July 31, 2019

postman helped out a ton. turns out my base64 encoder was busted. Thanks War!

harpan September 9, 2019

Care to explain how this affected you. I am having the same issue, but I don't have any base64 encoding/decoding issue. I have the exact problem you have though, if I change the e-mail it recognizes that the account doesn't exist. If I run with my credentials that I can log into the website with, it just flat out 401s me. I run the API url in the web-browser when logged in and I get a nice API response.

In Postman I am running as an example a GET-call against <site>.atlassian.net/wiki/rest/api/content/

I have Type: Basic Auth, and create an Authorization header with my correct username and password. I leave the Body empty for the GET-request (I say this, because I actually want to POST and create a page, but easier to solve this issue with less complex variables).

Anyone know anything how to fix this or where the problem could be?

Warren
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 9, 2019

Hi @harpan 

You can't use your password for API calls via Postman or code, it needs to be an API token - see this article

Like # people like this
harpan September 9, 2019

Thank you, I actually found that answer on another page finally and tried it and it worked better! Thank you for the quick response!

Patrick Boyd August 6, 2020

so if you found the answer, you should post it here!

Like Engels Medina likes this
harpan August 7, 2020

It's what Warren said I believe, since this was almost a year ago, I don't really recall the exact details. But the error I was experiencing was trying to use Basic Authentication and using a password, you have to use/produce an API token instead. Sorry for not being clear before, but the "other page" I speak of just repeated what Warren said to me in his reply, that I can't use a password and have to use an API token. I believe it's because they changed how their system worked or something like it.

Patrick Boyd August 8, 2020

Just an FYI, tokens only work with Confluence cloud. If you are having issues with the REST api, make sure your username:password is encoded correctly. Also, if your company uses MITM inspection for packets and uses its own certs, this can mess with postman calls giving a 500 error. Use the curl method to make sure that it works and reset your failed logins frequently if you keep messing up in admin. There are lots of limitations to on-prem/server/datacenter instances of confluence, such as not being able to use the templates endpoint, but there are workarounds.

Like Kramer_ Kevin likes this
Gunnarsson Johan _2_ September 5, 2023

I seem terribly stuck on this, and yes I'm on an on-prem solution, but I can set up a token under settings (now three years after Boyd's post above. Does anyone know if it works? I'm failing at least. With very similar results to what has been mentioned above. I use token created on the site I can access, and do Base 64 Encoding etc. I use an internal account name, as that is what we use to authenticate via broswer. What else could be wrong? 

It would be great with a complete e2e sample of how to do this. 

I have had a solution working for well over a year using username+password, which was now deprecated over the summer. What are my options? 

Lukasz Grobelny
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 5, 2023

I had some code that was working for the Cloud written in Java, if you want I can look for this

Gunnarsson Johan _2_ September 5, 2023

Yes, would be very interesting to see. Especially what you feed into the base64- encoding.

Below is my code, on our on-prem servers - worked until end of June, and now adapted but still giving 401:

string confUrl = urlConfluenceBackupRoot + targetPageId + "?type=page&expand=body.storage,version";
String method = "GET";

string encodedCred = Convert.ToBase64String(Encoding.GetEncoding("ISO-8859-1").GetBytes(conflUserName + ":" + confluencePersonalAccessToken));

HttpWebRequest request = (HttpWebRequest)WebRequest.Create(confUrl);
request.Headers.Add("Authorization", "Basic " + encodedCred);
request.Headers.Add("X-Atlassian-Token", "no-check");

request.Method = method;
request.ContentType = "application/json";

WebResponse response;
try
{
  response = (HttpWebResponse)request.GetResponse();
  var reader = new System.IO.StreamReader(response.GetResponseStream());
  receiveContent = reader.ReadToEnd();
  reader.Close();
}
catch (WebException e)
{
  Debug.WriteLine(e.Message + " " + e.StackTrace?.ToString());
}

Lukasz Grobelny
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 7, 2023
JsonNodeFactory jnf = JsonNodeFactory.instance;
static String plainCredentials = "MAIL:TOKEN";
static String base64Credentials = new String(Base64.getEncoder().encode(plainCredentials.getBytes()));
// Create authorization header
static String authorizationHeader = "Basic " + base64Credentials;

this worked for the authorization to Cloud 

Like Gunnarsson Johan _2_ likes this
Gunnarsson Johan _2_ September 7, 2023

Thanks Lukasz! Great, what I missed was there was different ways to do this based on Cloud or On-premise deployments. I finally found out from the docs, but I think it was a bit unclear. I posted my working solution above. 

Think it's great we both posted, to help future readers :) (y). 

Like Lukasz Grobelny likes this
Lukasz Grobelny
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 22, 2023

Great minds think alike ;) 

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events