You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
Next: Root
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
When trying to establish the OAuth link between Jira Align and Jira, the applications aren't able to authenticate to each other.
After clicking the "Request Jira for access" button in the Jira Connector window, you receive the following error:
Welcome to JIRA
The request token cannot be authorized at this time. Try again later and if you continue to receive this error, contact the site administrator.
You will also see the following in the address bar of your browser:
https://<jira-URL>/plugins/servlet/oauth/authorize?oauth_problem=signature_invalid&oauth_signature=...
The Application URL on the Jira side of the link does not match the URL that Jira Align is reporting. This can be caused by one of the following scenarios:
proxy_cache
directive. <jira-install>/conf/server.xml
is set to true.In any of these scenarios, the affected applications will usually display other problems as well.
Applicable to scenario 3.
Applicable to scenario 3.
The Application URL should match the Base URL of the other application unless you're bypassing a reverse proxy.
If the Application URL does not match the Base URL (and you're not bypassing a reverse proxy) then delete and recreate the Application Link.
Applicable to scenario 4.
If using a reverse proxy or port forwarding, ensure the application is correctly configured for use with a reverse proxy.
proxy_cache
directiveApplicable to scenario 4.
NGINX caching rewrites HEAD requests to GET requests by default which will interfere with application link communication between Atlassian products.
proxy_cache
directive in the Nginx configurationWorkaround 2: If the proxy_cache
directive is required, then add this to the NGINX configuration which will allow caching to remain enabled without breaking OAuth communication:
proxy_cache_convert_head off;
proxy_cache_key $scheme$request_method$proxy_host$request_uri;
Applicable to scenario 3.
<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>" maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false" maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443" scheme="https" proxyPort="443" proxyName="jira.domain.xyz" acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>
<Connector port="8081" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>" maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false" maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443" scheme="https" proxyPort="443" proxyName="jiraAPI.domain.xyz" acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>
James McCulley
Atlassian TeamNetwork & Security Solutions Architect
Atlassian
0 comments