Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

JIRA REST API - Authentication issues

Yannick Kathmann
Yannick Kathmann Nov 24, 2020

Information:

- Version: Atlassian Jira Project Management Software (v8.14.0#814001

- Use case: Placing external links to JIRA issues

- URL: POST https://[jiraurl]/rest/api/latest/issue/[issuenumber]/remotelink

- Body:

{    "globalId""system=[externalurl]",    "application": {        "type""Something",        "name""Something"    },    "relationship""causes",    "object": {        "url""[externalurl]",        "title""Something",        "summary""Something",        "icon": {            "url16x16""[url]",            "title""Something"        }    }}

- Header: Authorization: Basic base64encoded(user:password)

Problem:

I have tried authenticating with both a regular password (now deprecated) and an application token. However the nginx server returns a 401 Unauthorized HTML:

Response headers: {Server=[nginx], Date=[Tue, 24 Nov 2020 12:34:30 GMT], Content-Type=[text/html;charset=UTF-8], Transfer-Encoding=[chunked], Connection=[keep-alive], X-AREQUESTID=[..], Referrer-Policy=[strict-origin-when-cross-origin], X-XSS-Protection=[1; mode=block], X-Content-Type-Options=[nosniff], X-Frame-Options=[SAMEORIGIN], Content-Security-Policy=[frame-ancestors 'self'], WWW-Authenticate=[Basic realm="protected-area", OAuth realm="[url]"], Content-Length=[-1]}
Response body:<html>

<head>
<title>Unauthorized (401)</title>

 

<!--[if IE]><![endif]-->
<script type="text/javascript">
(function() {
var contextPath = '';

function printDeprecatedMsg() {
if (console && console.warn) {
console.warn('DEPRECATED JS - contextPath global variable has been deprecated since 7.4.0. Use `wrm/context-path` module instead.');
}
}

... (there is more but don't think that's relevant)

The only way I can get it to work currently is to get the atlassian.xsrf.token Cookie and use that, but for an automated application this is not feasible to use.

Do we need to change something in our nginx configuration to allow for the authorization headers to come through?

Answer
Watch
Like Be the first to like this
3519 views

1 answer

1 accepted

0 votes
Answer accepted
Yannick Kathmann
Yannick Kathmann Nov 26, 2020

It has been resolved. It turns out the 'Basic' in the authorization header is case sensitive.

View More Comments
patriciaalejandra_gutierrez
patriciaalejandra_gutierrez Jan 24, 2022

Buen día 

Me puedes comentar como lo resolviste?

Like
Suresh Kamble
Suresh Kamble Mar 04, 2023

Hi @Yannick Kathmann

I am getting  same error like you while hitting REST call to Locally installed jira software 

Help to me resolve this 

http://localhost:8888/rest/api/2/issue/bulk

Authorization  Basic base64Encoder(user:password)

 











<html>

<head>
    <title>Unauthorized (401)</title>
    






<!--[if IE]><![endif]-->
<script type="text/javascript">
    (function() {
        var contextPath = '';

        function printDeprecatedMsg() {
            if (console && console.warn) {
                console.warn('DEPRECATED JS - contextPath global variable has been deprecated since 7.4.0. Use `wrm/context-path` module instead.');
            }
        }

        Object.defineProperty(window'contextPath', {
            get: function() {
                printDeprecatedMsg();
                return contextPath;
            },
            set: function(value) {
                printDeprecatedMsg();
                contextPath = value;
            }
        });
    })();

<
<script>
window.WRM=window.WRM||{};window.WRM._unparsedData=window.WRM._unparsedData||{};window.WRM._unparsedErrors=window.WRM._unparsedErrors||{};
WRM._unparsedData["jira.core:default-comment-security-level-data.DefaultCommentSecurityLevelHelpLink"]="{\"extraClasses\":\"default-comment-level-help\",\"title\":\"Commenting on an Issue\",\"url\":\"https://docs.atlassian.com/jira/jcore-docs-094/Editing+and+collaborating+on+issues#Editingandcollaboratingonissues-r

    <meta name="application-name" content="JIRA" data-name="jira" data-version="9.4.1">
</head>
<body id="jira" class="aui-layout aui-style-default page-type-message " data-version="9.4.1" >

<!-- HTTPError401 -->
    <div class="aui-page-panel" ><div class="aui-page-panel-inner">
            <main role="main" id="main" class="aui-page-panel-content" >
                    <div class="aui-page-header" ><div class="aui-page-header-inner">
                            <div class="aui-page-header-main" >
                                    <h1>Unauthorized (401)</h1>
                                </div>
                        </div></div>
                    <div class="aui-message aui-message-warning warning">
                            <p>Encountered a <code>&quot;401 - Unauthorized&quot;</code> error while loading this page.</p>
                            <p>Basic Authentication Failure - Reason : AUTHENTICATED_FAILED</p>
                            <p><a href="/secure/MyJiraHome.jspa">Go to Jira home</a></p>
                        </div>
                </main>
        </div></div>
</body>
</html>











<html>

<head>
    <title>Unauthorized (401)</title>
    






<!--[if IE]><![endif]-->
<script type="text/javascript">
    (function() {
        var contextPath = '';

        function printDeprecatedMsg() {
            if (console && console.warn) {
                console.warn('DEPRECATED JS - contextPath global variable has been deprecated since 7.4.0. Use `wrm/context-path` module instead.');
            }
        }

        Object.defineProperty(window'contextPath', {
            get: function() {
                printDeprecatedMsg();
                return contextPath;
            },
            set: function(value) {
                printDeprecatedMsg();
                contextPath = value;
            }
        });
    })();

{}),window.DeferScripts.totalClicks=0,window.DeferScripts.totalKeydowns=0,window.DeferScripts.clickListener=function(){"use strict";window.DeferScripts.totalClicks+=1},window.addEventListener("click",window.DeferScripts.clickListener),window.DeferScripts.keydownListener=function(){"use strict";window.DeferScripts.totalKeydowns+=1},window.addEventListener("keydown",window.DeferScripts.keydownListener)),window.resourcePhaseCheckpoint=Object.freeze({defer:new Promise(function(e){"use strict";window.__resourcePhaseCheckpointResolvers.resolveDeferPhaseCheckpoint=e}),interaction:new Promise(function(e){"use strict";window.__resourcePhaseCheckpointResolvers.resolveInteractionPhaseCheckpoint=e})}),Object.freeze(window.__resourcePhaseCheckpointResolvers);
!function(){"use strict";if("PerformanceObserver"in window){const e=[];window.__observedResources=e;const r=e=>"script"===e?"script":"css";new PerformanceObserver((n=>{n.getEntries().filter((({initiatorType:e,name:r})=>{const n="script"===e||((e,r)=>"link"===e&&"css"===new URL(r).pathname.split(".").pop())(e,r),i=new URL(location.href).origin===new URL(r).origin;return n&&i})).forEach((({name:n,transferSize:i,encodedBodySize:s,initiatorType:o})=>{e.push([i,s,n,r(o)])}))})).observe({type:"resource"})}}();

</script>
<script>
window.WRM=window.WRM||

<!-- HTTPError401 -->
    <div class="aui-page-panel" ><div class="aui-page-panel-inner">
            <main role="main" id="main" class="aui-page-panel-content" >
                    <div class="aui-page-header" ><div class="aui-page-header-inner">
                            <div class="aui-page-header-main" >
                                    <h1>Unauthorized (401)</h1>
                                </div>
                        </div></div>
                    <div class="aui-message aui-message-warning warning">
                            <p>Encountered a <code>&quot;401 - Unauthorized&quot;</code> error while loading this page.</p>
                            <p>Basic Authentication Failure - Reason : AUTHENTICATED_FAILED</p>
                            <p><a href="/secure/MyJiraHome.jspa">Go to Jira home</a></p>
                        </div>
                </main>
        </div></div>
</body>
</html>
Like
Nazrio
Nazrio
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
Sep 20, 2023

Did you find a solution?. Even i am facing this issue

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Software
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

See all events