401 Unauthorized from Account that Previously Worked

Morgan Patch July 20, 2017

Hi, I've been using the JIRA REST API for some software I'm developing for a few weeks now, and it was working perfectly. I use HTTP Basic authentication for the time being, and had no issues.

As of yesterday, despite no changes in my application or my login credentials, I started getting 401 Unauthorized errors. Since the credentials the application was using were unchanged, I figured maybe I'd tripped some sort of account protection feature or something? I tried accessing the API through curl (e.g. `curl -u user:pass -X GET -H "Content-Type: application/json" https://my-jira.atlassian.net/rest/api/2/issue`, and got the same 401.

I tried logging out and back into the web interface, but was met with no login issues or challenges. Even after logging back in, I still saw the same issues from curl.

I thought maybe it was a rate limiting issue, and left it alone for a while. But when I came back this morning, I was still getting the 401.

Finally, without any idea what else to do, I changed my Atlassian password, and tried using curl again with the new password -- suddenly it worked.

I'm afraid that my software may be tripping some kind of account protection or spam blocking feature, but I can't find any documentation on any such thing. Moreover, I'm concerned about the fact that the only recourse I could find was to change my password, and that the web interface provided no hint that there was any issue.

Has anyone else seen this before? How can I prevent this from happening again, and what can I do if it does?

Thanks.

2 answers

0 votes
Balaji R January 23, 2019

Hi Morgan,

Me too currently facing the same issue which you elaborated.
By any chance you got a solution for this?

0 votes
Jobin Kuruvilla [Adaptavist]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 20, 2017

That is indeed strange. It is not a normal behavior for sure.

By any chance, did you have a session that was open in the web interface? Or are you using SSO to authenticate?

Suggest an answer

Log in or Sign up to answer