aws lambda (python) integration with jira cloud, best way to authenticate

Hello everyone,

When exploring options to authenticate api(lambda + python)  with Jira I found these 2 options:

1. https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/

using API tokens this is already working for me 

2. https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/

using refresh tokens, with this option I'm still getting  the below error:

{
"code": 401,
"errorMessage": "Unauthorized"
}

does anyone know what is the best option ?