Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

XSRF check failed

Salma_Khattab2310
Salma_Khattab2310
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 5, 2020

Am using the basic auth tocreate issue using the API in postman and it created successfully but when i do the same using the JS it gives me 403 XSRF check failed

 

here's the code

 

 $http.post("http://localhost:8080/rest/api/2/issue" , JSON.stringify(data),             {                headers: {                    'Authorization': 'Basic c2toYXR0YWI6T1BCcWFSaHBNZEZNM3JhUWhTeDJMbzRzR1M3U3NzMDBScGlRYU4=',                    'Content-Type': 'application/json',                    'Access-Control-Allow-Origin' : 'http://localhost:8080',                    'X-Atlassian-Token': 'no-check'                }            }            

Answer
Watch
Like Be the first to like this
1422 views

3 answers

0 votes
Ricardo Wolosker
Ricardo Wolosker March 6, 2024

também tentei colocar X-Atlassian-Token e não deu certo não.

 

Reply
0 votes
Ricardo Wolosker
Ricardo Wolosker March 6, 2024

poxa, que mandinga!!! será que se trocar o User-Agent funciona mesmo? DUVIDO!!

Reply
0 votes
Lukas Meili
Lukas Meili August 17, 2021

Hi, I know this is a very old issue but I just stumbled upon this problem as well and I thought I might be able to help people with the same issue. In our case, there were two possible solutions. 

- Change User Agents Header (not possible as far as I know in Chrome)

- Whitelist/Allowlist the origin domain in Jira. When you send a request to the Jira API your browser automatically populates the "origin" header. You need to add that value to the whitelist/allowlist in Jira. -> See here Configuring the allowlist | Jira | Atlassian Documentation
Type "Domain" should work.

 

See the issue documented by Atlassian:

REST API calls with a browser User-Agent header may fail CSRF checks | Jira | Atlassian Documentation

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events