Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,294,621
Community Members
 
Community Events
165
Community Groups

Not able to access JIRA API's (Issue does not exist or you do not have permission to see it)

Edited

Hi,

I am unable to get the result for JIRA API using postman. It is always telling me this error "Issue does not exist or you do not have permission to see it.". It is a trail tenant of JIRA.

In Posman, I tried using BasicAuth option by providing username and password (Password is the generated API Token).

 

Also I passed manually the header for "Authorization: Basic base64encode(<username>:<api_token>)" in HTTP request but that also failed. Can someone please help.

JIRA Error.JPG

1 answer

0 votes

Hello @Tanuj Gupta ,

Thanks for reaching out, and I tested the call on postman without issue, so this should be working and is most likely a formatting issue on the Auth details in the call or permissions on the instance for the user.

The error message you are receiving:  

"Issue does not exist or you do not have permission to see it."

Is indicating a permission or access error, however, there could be a few different sources for it, as noted in the documentation for the endpoint HERE "This operation can be accessed anonymously."  so this is a generic error for any time portion of the auth chain conflicts there is a read issue occurring, where the server responds generically to not give back too much information about the authorization details used for security reasons.   i.e.: a malicious actor could do a brute force of calls against an endpoint to attempt to verify the existence of an account for follow-up actions so the details about the authorization are intentionally vague.

The things to check are:

  1. Can the user access the issue from the UI? Check permissions in the instance
    1. if not set Project permissions for that user
    2. Permissions required:

  2. Is the username in an email format and is the email address valid?
    1. Check the username is formatted correctly as the user's e-mail used to log into Jira and is a valid user on the system
  3. The Password should be the API token when using basic auth
    1. I recommend going to https://id.atlassian.com/manage-profile/security/api-tokens and revoking the existing token and generating a new one to make sure there is no conflict in the API token directly

Check these items out and let me know if you are still having an issue

Regards,
Earl

Hi @Earl McCutcheon ,

Many thanks and thank you from the response. I am the administrator of JIRA, so I guess I am having the access of the issue.

Please note that I am using the gmail account email address.

As per your suggestion, I also logged-in using my username email address and I can browse the issue in UI successfully but still in Postman and even in NodeJS it is throwing the same error.

RestAPICall.JPG

RestAPICall.JPG

I also checked the username I am logged in using "My Profile" and it is having the same email address as I am giving to Postman or NodeJS.

Also when I am looking into Token ID, it is always telling me "Never Accessed"

RestAPICall.JPG

Can you suggest if I am correct or wrong?

Hello @Tanuj Gupta ,

Thanks for the additional details and the screenshots, and first up having Global administrator permissions do not necessarily mean that you can see all issues, But as you can see the issue in the Browser then this is not the case and the permissions are correct to see the issue so all is good there. but just as a reference point details on project permissions can be seen in "Manage project permissions", but on a free plan do note that permissions cannot be edited and are locked out, but you can still check the permissions which is helpful if you run into any issues during migration between a paid instance or a server instance to the free platform as there are a few scenarios where the permissions can cause a lockout as they are not editable once converted to the free plan.

The next point comes from the last screenshot where the API token "MyDevTest" is showing as "Never Accessed" which indicates that the input of this token from Postman and the attempt from the HTTP request using the BASE64 encoded username had the token fail or is not using the correct format so the token was never truly accessed.

In Postman using the username and password directly the formatting for this should not have any whitespace, either leading or trailing, check to make sure that the two fields don't have any extra spaces that may have been inadvertently copied over in front of or after the input string. 

As for BASE64 encoding on the value additional details can bee seen in the following document but the format for generating this in Windows or a Linux/Unix/MacOS systems would be as follows:

Windows:

$Text = ‘user@example.com:api_token_string’ $Bytes = [System.Text.Encoding]::UTF8.GetBytes($Text) $EncodedText = [Convert]::ToBase64String($Bytes) $EncodedText

Linux/Unix/MacOS:

echo -n user@example.com:api_token_string | base64

Also as mentioned in the KB above, you may have triggered a CAPTCHA.  Try logging out and back into your Jira instance to see if the CAPTCHA is enabled as it may have been triggered from previous formatting issues in the input strings causing multiple failed login attempts, where your current connected user session in the browser is still intact via a verified token but the subsequent Postman calls are getting blocked with the new login attempts behind a captcha.

Regards,
Earl

I'm having the same problem using a site-admin member account, I'm encoding the mail@mycompany.com:api_token_string using a pre-script in postman like this:

 

var token = pm.collectionVariables.get("token");
var user = pm.collectionVariables.get("user");
var encode = user+":"+token;

var CryptoJS = require("crypto-js")

//Encrypt
var rawStr = CryptoJS.enc.Utf8.parse(encode);
var base64 = CryptoJS.enc.Base64.stringify(rawStr);
console.log(`Encrypted value: ${base64}`);

pm.collectionVariables.set("myEncodedAuth"base64);
The variables are the mail and token strings as expected and the encoding seems to be ok according to the console.log results

I found that the Host header was not filled with our atlassian domain name, after fixing this value I'm getting the API results from postman without problems.

In other words, I was sending the request to our domain, so I was getting an obvious error, the method for encoding the user_mail:token using the pre-script inside postman works ok.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
TAGS
Community showcase
Published in Jira Software

Upcoming changes to epic fields in company-managed projects

👋 Hi there Jira Community! A few months ago we shared with you plans around renaming epics in your company-managed projects. As part of these changes, we highlighted upcoming changes to epics on...

14,233 views 35 44
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you