Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Unable to the basic auth with api token

Robert Batson
Robert Batson September 3, 2019

We are currently having issues accessing the REST API.

I have been able to successfully access the REST API using the following method

curl -D- -X GET --user email:api_token -H "Content-Type: application/json" "https://id.atlassian.net/rest/api/2/issue/abcxyz-24"

However when I try the following method:

JIRA_BASIC_AUTH=$(echo email:api_token | base64)

curl -D- -X GET -H "Authorization: Basic $JIRA_BASIC_AUTH" -H "Content-Type: application/json" "https://id.atlassian.net/rest/api/2/issue/abcxyz-24"

I get 401 unauthorized. We have tried giving the user site admin, tried the email in upper and lower case, removing the padding from the base64, trying to use the user_id and replacing the api_token with the password. It is always a 401 though.

We do have another account that can successfully use the method below, but we can not determine what is different with these accounts:

JIRA_BASIC_AUTH=$(echo email:password | base64)

The fact that the first method works leads me to believe we are not correctly passing the token / using the basic auth correctly but it all seems pretty straight forward. 

Are there any other troubleshooting steps I can take.

Answer
Watch
Like Be the first to like this
1252 views

1 answer

0 votes
Earl McCutcheon
Earl McCutcheon
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 4, 2019

Hi Robert,

Basic Auth is being Phased out of the Cloud infrastructure, check out the details in the following Deprecation notice, but if a basic auth endpoint stops working it means it was removed and is not coming back and you will be required to use the Token based authentication:

Regards,
Earl

View More Comments
Robert Batson
Robert Batson September 5, 2019

I only see that Basic auth is being phased out where the password is being used. We can not get basic auth to work with the Api-token. Is the preferred method passing the `--user` flag?

Like
Earl McCutcheon
Earl McCutcheon
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 5, 2019

Hi Robert,

I see what you are saying, with the encoded user and token as the depreciation notice specifically notes "Support for passwords in REST API basic authentication is deprecated and will be removed in the future" and  "we strongly recommend that you use API tokens instead."

Overall I am not sure about this one, as the wording in the message is unclear and can be taken two ways of either the basic auth is removed entirely and use the simple exe passing the user:token directly, or the other option of passing in the api token instead of password for the basic auth, and we need to get this properly clarified, so I have created the following BUG report with some follow up with our API and documentation teams to provide some clarification:

But as it currently sits I can verify that the Base64 encoded username:API_token passed in base 64 is not working and gives the error as you noted, I am just not sure if this is part of the depreciation or not.  Make sure to add yourself to the bug report to get updates as we make progress on this and get this point clarified.

Regards,
Earl

Like
Robert Batson
Robert Batson September 5, 2019

Eric,

I appreciate your reply and action, very helpful.

 

Thanks,

 

Robert

Like Earl McCutcheon likes this
Earl McCutcheon
Earl McCutcheon
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 9, 2019

Hey Robert,

I got confirmation on this one that it is indeed the Documentation being incorrectly worded and the Basic auth option has been fully deprecated so the base 64 encoded option using the API token is not intended to function, and this is expected behavior.

We are tracking the Documentation update here:

Passing in the auth via  -u user:token option is the correct method for authentication moving forward.

Regards,
Earl

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events