Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

403 forbidden error when using POST method to access rest api for Editing existing issue

I want to edit a field of an existing issue using rest api within request. I can acces GET method easily and get the data using rest api, but cannot access PUT/POST method(got 403()). So have added the following code,

type: 'POST',
contentType: 'application/json',
dataType: 'json',
data: {"fields": {"description": "testing"}},
url: '',
beforeSend: function (xhr){
xhr.setRequestHeader('Authorization', 'basic: '+ base_auth(user, password));
success: function (response) {
error: function (data, status, error) {
console.log('error', data, status, error);

function base_auth(user, password)
var loginDetail = user + ':' + password;
var tag = btoa(loginDetail);
return "Basic " + tag;


But, while using this i get the same error 403() not permitted and also beforeSend code does not get hit.

Already, have posted question regarding Edit and Update issue here.

If using CURL code can fix this issue, can you please suggest how to use the CURL code within request with a sample code.

2 answers

1 accepted

1 vote
Answer accepted

Hi Hari,

usually, you don't have to provide authentication headers when you use the AP.request method, see also the docs for this.

It might be the problem that you didn't specify the corresponding scope, you'd need the WRITE scope for this one, see also the docs here.


Hi Matthias,

Yes, I have added WRITE option in scopes and got the issue fixed already. Thanks a lot for your response.



Hello Hari,

I'm having the same issue however I don't completely understand how did you solve the problem. Can you explain how did you solve this?


Hi Nilay,

I have found a solution and works fine in cloud based connect add-on. Before working refer to 'Edit Issue' content in this docs.

To make an HttpRequest to the host product use AP.request method.

Then add WRITE scope in your atlassian-connect.json file. Here is the docs for adding scope.

Here is the sample code of giving request,

url: '{issueIdOrKey}',
type: 'PUT',
data: //put your data here as shown in the docs,
contentType: 'application/json',
success: function (response) {
//your code
error: function () {
//your code




It appears  POST or PUT requests using AP.request always results in 403 before reaching the route of the connect app, despite configuring the scope and adding an Authorized JTW heading.

However when using a GET request with AP.request, I did reach the route of the connect app. From then on, try to create a post request within.

Then I was thinking... what is wrong with the POST/PUT in AP.request?

However... I did manage to call the post function in index.js by using a post request with ASJ.$.ajax. There I have added headers: {"Authorization": "JWT " + jwt_token}.

On the index.js side:'/your-path', addon.checkValidToken(), async (req, res) => {

Suggest an answer

Log in or Sign up to answer

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you