JIRA validate username and password

Nidhi@123 August 10, 2022

Hi,

 

I am trying to validate the username and password using Basic Authentication.
However whenever

1. i pass an Incorrect Username it returns 200 response and an empty list. 
2. If i pass an Incorrect Password it returns 401 response but the error message is incorrect it is:
"Basic authentication with passwords is deprecated. For more information, see: https://developer.atlassian.com/cloud/confluence/deprecation-notice-basic-auth/"

My request is:
curl --location --request GET 'https://<domain>/rest/api/3/project' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <username:password encoded in base64>' \


Output that is required:
If username or password is invalid it should throw error with status 401 and message saying the same.

Can someone help me with this?

1 answer

1 vote
Petter Gonçalves
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 12, 2022

Hello Nidhi@123

Thank you for reaching out.

About the first behavior you mentioned, I totally agree with you that a 200 response is not what is expected when adding a wrong username in the authentication of the REST Call. We create the following bug to get this properly fixed:

Misleading response when running the Rest API to get projects 

P.S: Note that the API call rest/api/3/project is now deprecated, so you should use rest/api/3/project/search to properly get projects.

About the second behavior, I agree that the message about the deprecated password is not ideal as well, as the system is not able to fetch if the entered value is a Token or password in case it is incorrect. We created the following bug to improve that message as well:

Misleading error message when authenticating REST API calls with API Key instead of API Token 

Feel free to vote and watch the bugs to increase their priority and also receive notifications about any updates.

Let us know if you have any questions.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events