Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

POST /rest/api/3/issue | OAuth 2.0 is not enabled for this method

Alex
Alex July 27, 2021

Hello,

I am using a 3LO app.

When trying to POST to https://api.atlassian.com/ex/jira/{CloudID}/rest/api/3/issue i get the error "OAuth 2.0 is not enabled for this method"

The documentation for this endpoint shows the required OAuth scope of "write:jira-work", meaning the endpoint should support OAuth 2.0. 

Other endpoints used so far by my project do not return this error. 

Answer
Watch
Like Be the first to like this
3116 views

3 answers

1 accepted

0 votes
Answer accepted
Alex
Alex August 3, 2021

Solution to my issue:

I was indeed trying to `GET` instead of `POST` to the /rest/api/3/issue endpoint. Correcting the method resulted in a successful API call. 

What threw me off was that the message returned by the API was  "OAuth 2.0 is not enabled for this method" and a code 500, instead of a 405 and something like "Method not supported for this endpoint". 

View More Comments
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 4, 2021

Hi @Alex ,

That's indeed a misleading error message. I can confirm that when using basic authentication and sending a GET request to the rest/api/3/issue endpoint (with no issue key and no request body) I get status code 405 in return, as expected.

I can proceed opening a bug request for it. Can you just confirm that the below description is correct?

When using Oauth2.0 (3LO) and sending a GET request to the rest/api/3/issue endpoint (with no issue key specified), status code 500 together with a misleading error message is returned: "OAuth 2.0 is not enabled for this method"

The expected status code would be 405 and the error message: "Method not supported for this endpoint"

When calling the same endpoint using basic authentication, as expected, status code 405 is returned instead.

However, before proceeding, can you confirm you get the same error message also if you call the same endpoint without providing any request body? (just send a GET request with no body towards the /rest/api/3/issue endpoint and confirm you get the same error message).

 

Cheers,
Dario

Like
Reply
0 votes
sagar kunjir
sagar kunjir December 15, 2021

Hi,

Follow OAuth 2.0 (3LO) apps (atlassian.com) to get bearer token

1. If you are using swagger code for jira oauth 2.0. Then you have to keep in mind base path should be https://api.atlassian.com/ex/jira/{CloudID} and local path should be  /rest/api/3/issue (Note : base path and local path should be correct )

add generated bearer token in request also.

2. If you are using postman then do authentication by bearer token.

Both things I have tried and got correct result.

 

Thanks :)  

Reply
0 votes
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 29, 2021

Hello @Alex ,

Welcome to the Atlassian Community!

I can confirm that Oauth2 is enabled for the rest/api/3/issue endpoint and it is supposed to be working.

Therefore, in order to try to understand what is failing, can you kindly let me know the following:

  1. Confirm you have added the permissions "Create and manage issues" and "View Jira issue data" to your app in the developer console
  2. Provide an example of couple of other endpoints that are working correctly
  3. Confirm whether you are sending the requests towards axxxxxxxx.atlassian.net or  axxxxxxxxx.jira.com and provide date time and timezone of the last failed attempt to call the endpoint so that I can check the logs

 

 

 

Finally, for the future, please notice that this is not the best place to get help on development related questions. The right resources are the ones listed in https://developer.atlassian.com/resources. 

View More Comments
Alex
Alex July 30, 2021

Hi Dario

1. Yes I did

2. I am also using the `GET /rest/api/3/project/{projectKey}/components` endpoint using the same authentication method, and it works without issue

3. My requests are sent to https://api.atlassian.com/ex/jira/{CloudID}/ as per the documentation: https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/#3--make-calls-to-the-api-using-the-access-token 

I made a request that returned the OAuth not supported error on "Fri, 30 Jul 2021 17:12:11 GMT"

Like
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 3, 2021

@Alex ,

I believe there is a misunderstanding on point #3.

I am not asking which endpoint url you are calling. I am asking against which one of the 2 Jira sites you have access to you are sending the REST API calls, so that I can go check the logs.

Please let me know.

Like
Alex
Alex August 3, 2021

@Dario B My apologies! 

I am sending to the appXXXXXX.jira.com site.

Like Dario B likes this
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 3, 2021

@Alex ,

I am searching the logs for all the POST requests sent to  https://api.atlassian.com/ex/jira/{CloudID}/ between 17:12 CEST and 19:13 CEST and I can find only 2 post requests with no user-agent against the REST API v2 search endpoint:

Search query:

fields.host="api.atlassian.com" fields.request_url="*jira/5e3XXXXXXXXXXXXXXXXXXXXXXXXXXXd/*" fields.request_method=POST

 

Results:

_time Source IP Method Status Code Duration Request ID Request URL Query Refers To User Agent
2021-07-30 18:13:41.862 54.xxxxx4 POST 200 5.835576 109ea548d73f2de9 /ex/jira/5e3XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXd/rest/api/2/search - - -
2021-07-30 18:13:22.139 54xxxxxx4 POST 200 13.942459 617c77029dd50ea0 /ex/jira/5e3XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXd/rest/api/2/search - - -

 

Actually, if I search for all the POST requests sent against the given Jira site on the 30 of July, I only get similar results (requests with no user agent run against the v2 search endpoint). 

Now, in order to proceed:

  1. Can you confirm you have sent a POST request against the rest/api/3/issue endpoint on appXXXXXX.jira.com?
  2. Can let me know whether the time is GMT/UTC or BST (British Summer Time)?
  3. Are you using any user-agent? In case you do, which one? 
  4. Have you tried to reproduce the same issue against your test instance? What was the result?

 

Cheers,
Dario

Like
Alex
Alex August 3, 2021

Hey @Dario B 

Thanks again for your help, I was able to resolve my issue. 

I was indeed trying to `GET` instead of `POST` to the /rest/api/3/issue endpoint. Correcting the method resulted in a successful API call. 

What threw me off was that the message returned by the API was  "OAuth 2.0 is not enabled for this method" and a code 500, instead of a 405 and something like "Method not supported for this endpoint". 

Like Dario B likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events