Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

403 forbidden error when using POST method to access rest api for Editing existing issue

Hari Prasath P
Hari Prasath P
Contributor
September 19, 2017

I want to edit a field of an existing issue using rest api within request. I can acces GET method easily and get the data using rest api, but cannot access PUT/POST method(got 403()). So have added the following code,

AP.request({
 type: 'POST',
 contentType: 'application/json',
 dataType: 'json',
 data: {"fields": {"description": "testing"}},
 url: 'https://mysite.atlassian.net/rest/api/2/issue/XYZ-5',
 beforeSend: function (xhr){ 
 xhr.setRequestHeader('Authorization', 'basic: '+ base_auth(user, password));
 },
 success: function (response) {
 alert("success");
 },
 error: function (data, status, error) {
 alert("failed");
 console.log('error', data, status, error);
 }
});

function base_auth(user, password)
 {
 var loginDetail = user + ':' + password;
 var tag = btoa(loginDetail);
 return "Basic " + tag;
 }

 

But, while using this i get the same error 403() not permitted and also beforeSend code does not get hit.

Already, have posted question regarding Edit and Update issue here.

If using CURL code can fix this issue, can you please suggest how to use the CURL code within request with a sample code.

Answer
Watch
Like Be the first to like this
20682 views

2 answers

1 accepted

1 vote
Answer accepted
Matthias Gaiser _K15t_
Matthias Gaiser _K15t_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 25, 2017

Hi Hari,

usually, you don't have to provide authentication headers when you use the AP.request method, see also the docs for this.

It might be the problem that you didn't specify the corresponding scope, you'd need the WRITE scope for this one, see also the docs here.

Cheers,
Matthias

View More Comments
Hari Prasath P
Hari Prasath P
Contributor
October 25, 2017

Hi Matthias,

Yes, I have added WRITE option in scopes and got the issue fixed already. Thanks a lot for your response.

Cheers,

Hari

Like
Reply
0 votes
Nilay
Nilay
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 8, 2018

Hello Hari,

I'm having the same issue however I don't completely understand how did you solve the problem. Can you explain how did you solve this?

Cheers,
Nilay.

View More Comments
Hari Prasath P
Hari Prasath P
Contributor
March 9, 2018

Hi Nilay,

I have found a solution and works fine in cloud based connect add-on. Before working refer to 'Edit Issue' content in this docs.

To make an HttpRequest to the host product use AP.request method.

Then add WRITE scope in your atlassian-connect.json file. Here is the docs for adding scope.

Here is the sample code of giving request,

AP.request({
 url: 'https://your-domain.atlassian.net/rest/api/2/issue/{issueIdOrKey}',
 type: 'PUT',
 data: //put your data here as shown in the docs,
 contentType: 'application/json',
 success: function (response) {
 //your code 
 },
 error: function () {
 //your code 
 }
}); 

 

Cheers,

Hari

Like
Kin
Kin
Contributor
August 11, 2020

It appears  POST or PUT requests using AP.request always results in 403 before reaching the route of the connect app, despite configuring the scope and adding an Authorized JTW heading.

However when using a GET request with AP.request, I did reach the route of the connect app. From then on, try to create a post request within.

Then I was thinking... what is wrong with the POST/PUT in AP.request?


However... I did manage to call the post function in index.js by using a post request with ASJ.$.ajax. There I have added headers: {"Authorization": "JWT " + jwt_token}.

On the index.js side: 

app.post('/your-path', addon.checkValidToken(), async (req, res) => {
    ...
});
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events