Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Using Jira personal access tokens

vadim.nikolaiev
vadim.nikolaiev December 24, 2020

Hi

I am using Jira Server v8.14.0 and new feature - Personal access tokens. 

Why I got OK(200) when do a REST call with non-existent/invalid Bearer token?

Request example:
>curl -H "Authorization: Bearer qweqwe" http://localhost:8081/rest/api/2/project
[]

I expected to get an Unauthorize(401) error as for Basic authorization.

 

regards,

Vadim

Answer
Watch
Like Jenna likes this
518 views

1 answer

0 votes
Radek Dostál
Radek Dostál
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 25, 2020

I haven't yet tried the Server token, but could it be that your instance allows anonymous access?

With anonymous access, such as https://jira.atlassian.com, you can still browse issues, which means you can browse projects, and hence you should have valid results from the rest endpoint just like you would in the UI.

Again, not tested myself, but anonymous access would make sense to return an empty list. (Even if the token is invalid I suppose.)

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events