Hello together,
today afternoon I tried to connect to my REST-API of Jira Server 8.13.3.
I get this as response, using Postman with Basic Auth.:
<html>
<head>
<title>Unauthorized (401)</title>
<!--[if IE]><![endif]-->
<script type="text/javascript">
(function() {
var contextPath = '/jira';
function printDeprecatedMsg() {
if (console && console.warn) {
console.warn('DEPRECATED JS - contextPath global variable has been deprecated since 7.4.0. Use `wrm/context-path` module instead.');
}
}
Object.defineProperty(window, 'contextPath', {
get: function() {
printDeprecatedMsg();
return contextPath;
},
set: function(value) {
printDeprecatedMsg();
contextPath = value;
}
});
})();
</script>
<script>
window.WRM=window.WRM||{};window.WRM._unparsedData=window.WRM._unparsedData||{};window.WRM._unparsedErrors=window.WRM._unparsedErrors||{};
WRM._unparsedData["com.atlassian.plugins.atlassian-plugins-webresource-plugin:context-path.context-path"]="\"/jira\"";
WRM._unparsedData["jira.core:feature-flags-data.feature-flag-data"]="{\"enabled-feature-keys\":...
WRM._unparsedData["com.atlassian.jira.project-templates-plugin:project-templates-plugin-resources.ptAnalyticsData"]="{\"instanceCreatedDate\":\"2011-07-08\"}";
WRM._unparsedData["com.atlassian.jira.plugins.jira-dnd-attachment-plugin:dnd-issue-drop-zone.thumbnail-mime-types"]="\"image/vnd.wap.wbmp,image/png,image/x-png,image/jpeg,image/bmp,image/gif\"";
WRM._unparsedData["com.atlassian.jira.plugins.jira-dnd-attachment-plugin:dnd-issue-drop-zone.upload-limit"]="\"52428800\"";
WRM._unparsedData["com.atlassian.jira.ext.calendar:tipDataProvider.tip"]="{\"suppressTip\":false}";
WRM._unparsedData["jira.core:user-message-flags-data.adminLockout"]="{}";
WRM._unparsedData["com.atlassian.plugins.helptips.jira-help-tips:help-tip-manager.JiraHelpTipData"]="{\"anonymous\":true}";
if(window.WRM._dataArrived)window.WRM._dataArrived();
...
<meta name="application-name" content="JIRA" data-name="jira" data-version="8.13.2">
</head>
<body id="jira" class="aui-layout aui-style-default page-type-message " data-version="8.13.2">
<div class="aui-page-panel">
<div class="aui-page-panel-inner">
<main role="main" id="main" class="aui-page-panel-content">
<div class="aui-page-header">
<div class="aui-page-header-inner">
<div class="aui-page-header-main">
<h1>Unauthorized (401)</h1>
</div>
</div>
</div>
<div class="aui-message aui-message-warning warning">
<p>Encountered a <code>"401 - Unauthorized"</code> error while loading this page.</p>
<p>Basic Authentication Failure - Reason : OK</p>
<p><a href="/jira/secure/MyJiraHome.jspa">Go to Jira home</a></p>
</div>
</main>
</div>
</div>
</body>
</html>
Maybe anyone can help. Strange is that the problem came in the afternoon. So we didn't change something and tested it this morning and it worked fine there.
Thank you guys
Have you looked at https://developer.atlassian.com/cloud/jira/platform/basic-auth-for-rest-apis/#get-an-api-token ? We needed to do at least a couple steps to get our Postman calls working with Jira REST API:
I am not remembering where we got the specifics of the `atlassian.xsrf.token` from but I found these two articles that might help:
https://confluence.atlassian.com/bamkb/rest-api-calls-fail-due-to-missing-xsrf-token-899447048.html
https://confluence.atlassian.com/stashkb/xsrf-security-token-missing-529661980.html
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey @Alex Chousmith thanks for your response. I am using Jira Server. So is this also relevant for my current problem?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Tobias ,
A 401 error will occur if the credentials being passed to Jira Server in the API call's headers aren't valid, or if the user doesn't have permission to use the endpoint being called.
I can see you've pasted the source of the unauthorized page, but would you be able to do the following?
Cheers,
Daniel
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Daniel Eads
thanks for your help. We have kind of intranet before our Jira instance but this didn't produce any impact on our side.
I have got administrator rights in our Jira instance, so this couldn't be the problem. The endpoint is the following: https://<BASE-URL>/jiraTest/rest/api/2/issue (staging environment) with a POST statement and a body with some raw json-statement.
So i just wanted to test the API call with some json body. This worked last week but today it doesn't work anymore.
Some also told me to check if the URL (https://<BASE-URL>/jiraTest/rest) is reachable. But it seems to be a dead link.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The endpoint:
https://<BASE-URL>/jiraTest/rest/api/2/issue
is valid as you've listed, assuming you can access the Jira Server instance at https://<BASE-URL>/jiraTest/ and log in there using the same account.
The documentation for Create Issue (a POST request on the /issue endpoint) notes that you'll receive a 400 rather than a 401 if you're missing a required field for a particular issue type. There's always a possibility of not having the right body when submitting a POST, although that doesn't seem to be the case here yet as the 401 indicates a general permission error.
What you might consider trying is a GET for an issue you know you can access with that account in the web interface - for example:
GET https://<BASE-URL>/jiraTest/rest/api/2/issue/TEST-123
That might help hone in on what seems to be problematic. If you can see that issue in Jira with that account but the GET still gives permission denied, I'd try double-checking how Postman is configured to send Basic Auth for the request (for example, if it's trying to use globally-saved permissions rather than ones you're setting on that specific request tab). You can also try curl from the command line as a "what if it's Postman that's causing problems?" check.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.