Atlassian Crowd Yielding 401 Unauthorized for REST API calls via oauth

We have been successfully using atlassian-connect-express to connect to JIRA server instances but it appears the moment SSO is enabled in the target JIRA instance via Atlassian Crowd, we can no longer authenticate via oauth. The response we get directs us to `/secure/MyJiraHome.jspa`:

<html>
<head>
<title>Unauthorized (401)</title>



<!--[if IE]><![endif]--><script type="text/javascript">var contextPath = '';</script><script>window.WRM=window.WRM||{};window.WRM._unparsedData=window.WRM._unparsedData||{};window.WRM._unparsedErrors=window.WRM._unparsedErrors||{};WRM._unparsedData["com.atlassian.plugins.atlassian-plugins-webresource-plugin:context-path.context-path"]="\"\"";WRM._unparsedData["jira.webresources:feature-flags.feature-flag-data"]="{\"enabled-feature-keys\":[\"com.atlassian.jira.agile.darkfeature.editable.detailsview\",\"nps.survey.inline.dialog\",\"jira.plugin.devstatus.phasetwo\",\"jira.frother.reporter.field\",\"atlassian.rest.xsrf.legacy.enabled\",\"jira.issue.status.lozenge\",\"jira.project.config.new.version.menu\",\"com.atlassian.jira.config.BIG_PIPE\",\"jira.sidebar.components.managecomponents\",\"com.atlassian.jira.config.PDL\",\"jira.plugin.devstatus.phasetwo.enabled\",\"jira.project.config.old.components.screen.disabled\",\"atlassian.aui.raphael.disabled\",\"app-switcher.new\",\"frother.assignee.field\",\"com.atlassian.jira.projects.ProjectCentricNavigation.Switch\",\"jira.onboarding.cyoa\",\"com.atlassian.jira.config.ProjectConfig.MENU\",\"com.atlassian.jira.projects.sidebar.DEFER_RESOURCES\",\"jira.zdu.admin-updates-ui\",\"jira.zdu.jmx-monitoring\",\"sd.new.settings.sidebar.location.disabled\",\"jira.sidebar.components.manageversions\",\"jira.zdu.cluster-upgrade-state\",\"com.atlassian.jira.config.CoreFeatures.LICENSE_ROLES_ENABLED\",\"com.atlassian.feedback.feedback-button-move-to-header-enable\",\"jira.export.csv.enabled\"],\"feature-flag-states\":{\"sd.customer.profile.multi.languages\":true,\"sd.customer.portal.transitions\":true,\"jira.jql.autoselectfirst\":true,\"sd.customer.portal.transitions.config\":true,\"sd.new.settings.sidebar.location\":true,\"sd.invite.customer.new.dialog\":true,\"sd.workload.report.paginator\":true,\"sd.experimental.portal.search.algorithm.default.1\":false,\"sd.customer.portal.help.center.agent.announcement\":true,\"sd.experimental.portal.search.algorithm.default.2\":false,\"sd.custom.email.notifications.utf8.csat.star\":true,\"sd.stats.event.tracking\":true,\"sd.password.helper.dialog\":true,\"sd.portal.help.center.customer.signup.secondary.email\":true,\"sd.custom.email.notifications.manage.language\":true,\"sd.use.search.by.permissions\":true,\"sd.report.custom.date.range\":false,\"sd.kb.article.helpfulness.report\":false,\"sd.custom.email.notifications.styling\":true,\"sd.customer.portal.two.step.login\":false,\"sd.customer.org.list.page.lazy.search\":true,\"sd.approval.requested.when.handler\":true,\"sd.automation.then.action.auto.answer.approval\":false,\"sd.kb.comment.share.stats.collection\":true,\"sd.customer.orgs.group.participants\":true,\"sd.portal.customer.invite.participants\":true,\"sd.portal.help.center.customer.signup\":true,\"sd.sla.agent.jql.security.restricted\":true,\"sd.test.feature.flag.x\":true,\"sd.test.feature.flag.y\":false,\"sd.email.channel.folders\":false,\"sd.email.analytics.open\":false,\"sd.kb.project.creation.create.link.space\":true,\"sd.confluence.anonymous.permission.fix\":true,\"sd.agent.always.can.invite.customer\":true,\"sd.customer.portal.project.agent.announcement\":true,\"sd.email.add.user.cc\":true,\"sd.automation.audit.log\":true,\"sd.new.project.templates\":false,\"sd.custom.email.notifications.custom.rules.simple.ui\":false,\"sd.custom.email.notifications.cut.over\":true,\"sd.automation.execution.vertigo.engine\":false,\"jira.instrumentation.laas\":false,\"sd.kb.self.service.report\":false,\"sd.no.schedule.async.upgrade.tasks\":false,\"sd.kb.primary.nav\":true,\"sd.kb.issueview.panel.phase2\":true,\"sd.email.outsider.comments\":false,\"jira.create.linked.issue\":true,\"sd.kb.issueview.panel\":true,\"sd.approvals.light.weight\":false,\"sd.automation.then.webhook\":true,\"sd.global.portal.search.atlassian.only.tracking\":false}}";WRM._unparsedData["jira.webresources:default-comment-security-level.DefaultCommentSecurityLevelHelpLink"]="{\"extraClasses\":\"default-comment-level-help\",\"title\":\"Commenting on an Issue\",\"url\":\"https://docs.atlassian.com/jira/jcore-docs-073/Editing+and+collaborating+on+issues#Editingandcollaboratingonissues-restrictacomment\",\"isLocal\":false}";WRM._unparsedData["com.atlassian.jira.project-templates-plugin:project-templates-plugin-resources.ptAnalyticsData"]="{\"instanceCreatedDate\":\"2010-07-15\"}";WRM._unparsedData["com.onresolve.jira.groovy.groovyrunner:web-item-response-renderer.web-item-actions-data-provider"]="[{\"action\":\"RUN_CODE_SHOW_FLAG\",\"id\":\"#run-timesheet-script-previous\"},{\"action\":\"RUN_CODE_SHOW_FLAG\",\"id\":\"#run-timesheet-script-current\"}]";WRM._unparsedData["jira.webresources:dateFormatProvider.allFormats"]="{\"dateFormats\":{\"meridiem\":[\"AM\",\"PM\"],\"eras\":[\"BC\",\"AD\"],\"months\":[\"January\",\"February\",\"March\",\"April\",\"May\",\"June\",\"July\",\"August\",\"September\",\"October\",\"November\",\"December\"],\"monthsShort\":[\"Jan\",\"Feb\",\"Mar\",\"Apr\",\"May\",\"Jun\",\"Jul\",\"Aug\",\"Sep\",\"Oct\",\"Nov\",\"Dec\"],\"weekdaysShort\":[\"Sun\",\"Mon\",\"Tue\",\"Wed\",\"Thu\",\"Fri\",\"Sat\"],\"weekdays\":[\"Sunday\",\"Monday\",\"Tuesday\",\"Wednesday\",\"Thursday\",\"Friday\",\"Saturday\"]},\"lookAndFeelFormats\":{\"relativize\":\"false\",\"time\":\"h:mm a\",\"day\":\"EEEE h:mm a\",\"dmy\":\"MMM/dd/yy\",\"complete\":\"MMM/dd/yy h:mm a\"}}";WRM._unparsedData["jira.webresources:avatar-picker.data"]="{}";WRM._unparsedData["com.atlassian.feedback.jira-feedback-plugin:button-resources-init.data"]="{\"jira.feedback.plugin.issue.collector.core\":\"https://jira.atlassian.com/s/576e9ab86257d4f65f6ea5b6dd50de44-T/en_UK3ljiw5/71006/b6b48b2829824b869586ac216d119363/2.0.11/_/download/batch/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector-embededjs/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector-embededjs.js?locale=en-UK&collectorId=abbf546d\",\"jira.feedback.plugin.issue.collector.default\":\"https://jira.atlassian.com/s/576e9ab86257d4f65f6ea5b6dd50de44-T/en_UK3ljiw5/71006/b6b48b2829824b869586ac216d119363/2.0.11/_/download/batch/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector-embededjs/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector-embededjs.js?locale=en-UK&collectorId=abbf546d\",\"jira.feedback.plugin.issue.collector.service.desk\":\"https://jira.atlassian.com/s/576e9ab86257d4f65f6ea5b6dd50de44-T/en_UK3ljiw5/71006/b6b48b2829824b869586ac216d119363/2.0.11/_/download/batch/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector.js?locale=en-UK&collectorId=a698db21\",\"jira.feedback.plugin.issue.collector.software\":\"https://jira.atlassian.com/s/576e9ab86257d4f65f6ea5b6dd50de44-T/en_UK3ljiw5/71006/b6b48b2829824b869586ac216d119363/2.0.11/_/download/batch/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector-embededjs/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector-embededjs.js?locale=en-UK&collectorId=abbf546d\",\"isHeaderFeedbackButtonEnabled\":true}";WRM._unparsedData["com.atlassian.jira.jira-header-plugin:dismissedFlags.flags"]="{\"dismissed\":[]}";WRM._unparsedData["com.atlassian.plugins.helptips.jira-help-tips:help-tip-manager.JiraHelpTipData"]="{\"anonymous\":true}";WRM._unparsedData["com.atlassian.jira.jira-header-plugin:newsletter-signup-tip.newsletterSignup"]="{\"signupDescription\":\"Stay up-to-date with the latest JIRA tips, tricks, and exclusive inside jokes. All this and more in JIRA Insiders, delivered every month from our inbox to yours.\",\"formUrl\":\"https://www.atlassian.com/apis/exact-target/{0}/subscribe?mailingListId=1239131\",\"signupTitle\":\"JIRA Insiders\",\"signupId\":\"newsletter-signup-tip\",\"showNewsletterTip\":false}";WRM._unparsedData["com.atlassian.servicedesk.core-ui:util-help-links.help-links"]="{\"help\":{\"email.settings\":\"https://docs.atlassian.com/jira/jsd-docs-033/Receiving+requests+by+email\",\"managing.queues\":\"https://docs.atlassian.com/jira/jsd-docs-033/Setting+up+queues+for+your+team\",\"email.setup\":\"https://docs.atlassian.com/jira/jsd-docs-033/Receiving+requests+by+email\",\"request.settings.help.bubble\":\"https://docs.atlassian.com/jira/jsd-docs-033/Managing+access+to+your+service+desk\",\"email.settings.suitablerequest\":\"https://docs.atlassian.com/jira/jsd-docs-033/Receiving+requests+by+email#Receivingrequestsbyemail-suitablerequest\",\"documentation.home\":\"https://docs.atlassian.com/jira/jsd-docs-033/JIRA+Service+Desk+Documentation\",\"default\":\"https://docs.atlassian.com/jira/jsd-docs-033/\",\"create.space.help\":\"https://docs.atlassian.com/jira/jsd-docs-033/Serving+customers+with+a+knowledge+base#serving-customers-with-a-knowledge-base-createpermission\",\"email.settings.troubleshooting\":\"https://docs.atlassian.com/jira/jsd-docs-033/Troubleshooting+issues+with+the+email+channel\",\"admin.notifications.config\":\"https://docs.atlassian.com/jira/jsd-docs-033/Managing+service+desk+notifications\",\"troubleshoot.requesttype\":\"https://docs.atlassian.com/jira/jsd-docs-033/Troubleshooting+issues+with+request+types\",\"approvals.configuration\":\"https://docs.atlassian.com/jira/jsd-docs-033/Configuring+JIRA+Service+Desk+approvals\",\"setting.up.reports\":\"https://docs.atlassian.com/jira/jsd-docs-033/Setting+up+service+desk+reports\",\"public.signup\":\"https://docs.atlassian.com/jira/jsd-docs-033/Configuring+public+signup\",\"knowledge.base\":\"https://docs.atlassian.com/jira/jsd-docs-033/Serving+customers+with+a+knowledge+base\",\"resolve.permission.scheme.errors\":\"https://docs.atlassian.com/jira/jsd-docs-033/Resolving+permission+scheme+errors\",\"getting.started\":\"https://docs.atlassian.com/jira/jsd-docs-033/Getting+started+with+JIRA+Service+Desk\",\"getting.started.agent\":\"https://docs.atlassian.com/jira/jsd-docs-033/Getting+started+for+service+desk+agents\",\"invite.customers\":\"https://docs.atlassian.com/jira/jsd-docs-033/Managing+access+to+your+service+desk\"},\"kb\":{\"default\":\"https://confluence.atlassian.com/display/SDKB/\",\"troubleshooting.user.management.issues\":\"https://confluence.atlassian.com/display/SDKB/Troubleshooting+issues+with+service+desk+user+management\",\"legacytransition\":\"https://confluence.atlassian.com/display/SDKB/Replacing+legacy+automatic+transitions+with+automation+rules\",\"umtroubleshoot\":\"https://confluence.atlassian.com/display/SDKB/Troubleshooting+issues+with+service+desk+user+management\"}}";WRM._unparsedData["com.atlassian.servicedesk.core-ui:util-base-url.base-url"]="\"https://jira.hotschedules.com\"";WRM._unparsedData["com.atlassian.jira.plugins.jira-wiki-editor:wiki-editor-resources.help-data"]="{\"showHelp\":true,\"editorDocumentationUrl\":[\"https://docs.atlassian.com/jira/jcore-docs-073/Visual+editing\"],\"editorDocumentationTitle\":[\"Show me documentation for the visual editor\"]}";WRM._unparsedData["jira.webresources:user-message-flags.adminLockout"]="{}";if(window.WRM._dataArrived)window.WRM._dataArrived();</script><link type="text/css" rel="stylesheet" href="/s/b4b8c40f2a3bffc6f773e013754ff88a-CDN/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/36bdaebd89070ad4ecdd9b63c8a47c95/_/download/contextbatch/css/_super/batch.css" data-wrm-key="_super" data-wrm-batch-type="context" media="all"><link type="text/css" rel="stylesheet" href="/s/0e37f2481c1133163f57b3d83bcbca72-CDN/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/addfc011b07dafa83db67b6619cda379/_/download/contextbatch/css/atl.general,jira.global,jira.general,-_super/batch.css?agile_global_admin_condition=true&amp;is-server-instance=true&amp;jag=true&amp;sd_operational=true" data-wrm-key="atl.general,jira.global,jira.general,-_super" data-wrm-batch-type="context" media="all"><link type="text/css" rel="stylesheet" href="/s/90e738eca301c4d89366b1a4d15fe37f-T/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/7.3.1/_/download/batch/com.atlassian.feedback.jira-feedback-plugin:button-resources-init/com.atlassian.feedback.jira-feedback-plugin:button-resources-init.css" data-wrm-key="com.atlassian.feedback.jira-feedback-plugin:button-resources-init" data-wrm-batch-type="resource" media="all"><script type="text/javascript" src="/s/4d93f0318af8a5ee86fb5c9418e48e9c-CDN/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/36bdaebd89070ad4ecdd9b63c8a47c95/_/download/contextbatch/js/_super/batch.js?locale=en-US" data-wrm-key="_super" data-wrm-batch-type="context" data-initially-rendered></script><script type="text/javascript" src="/s/048f24b2f1d56f2912532b2ee6f2a419-CDN/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/addfc011b07dafa83db67b6619cda379/_/download/contextbatch/js/atl.general,jira.global,jira.general,-_super/batch.js?agile_global_admin_condition=true&amp;is-server-instance=true&amp;jag=true&amp;locale=en-US&amp;sd_operational=true" data-wrm-key="atl.general,jira.global,jira.general,-_super" data-wrm-batch-type="context" data-initially-rendered></script><script type="text/javascript" src="/s/93e9281b50faa61bd9c9d36665b959c0-CDN/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/7cd786392e3760cc273dac8d1e5b4d79/_/download/contextbatch/js/atl.global,-_super/batch.js?locale=en-US" data-wrm-key="atl.global,-_super" data-wrm-batch-type="context" data-initially-rendered></script><script type="text/javascript" src="/s/d41d8cd98f00b204e9800998ecf8427e-CDN/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/4.3.2/_/download/batch/com.atlassian.jira.jira-projects-plugin:data/com.atlassian.jira.jira-projects-plugin:data.js" data-wrm-key="com.atlassian.jira.jira-projects-plugin:data" data-wrm-batch-type="resource" data-initially-rendered></script><script type="text/javascript" src="/s/d41d8cd98f00b204e9800998ecf8427e-CDN/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/4.3.2/_/download/batch/com.atlassian.jira.jira-projects-plugin:projects-api/com.atlassian.jira.jira-projects-plugin:projects-api.js" data-wrm-key="com.atlassian.jira.jira-projects-plugin:projects-api" data-wrm-batch-type="resource" data-initially-rendered></script><script type="text/javascript" src="/s/d41d8cd98f00b204e9800998ecf8427e-CDN/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/7.3.1/_/download/batch/com.atlassian.feedback.jira-feedback-plugin:button-resources/com.atlassian.feedback.jira-feedback-plugin:button-resources.js" data-wrm-key="com.atlassian.feedback.jira-feedback-plugin:button-resources" data-wrm-batch-type="resource" data-initially-rendered></script><link type="text/css" rel="stylesheet" href="/s/3a0a21d4f1f94032c661993367990359-CDN/hvqcc7/73012/74ac5f9968b29c4d31d424a3ec533c05/95f098a0f02448092395a19c2113be5f/_/download/contextbatch/css/jira.global.look-and-feel,-_super/batch.css" data-wrm-key="jira.global.look-and-feel,-_super" data-wrm-batch-type="context" media="all">
<script type="text/javascript" src="/rest/api/1.0/shortcuts/73012/ecb880ecf8d2c947467e6425613a4f22/shortcuts.js"></script><meta name="stp-license-product-name" content="JIRA"/> <meta name="stp-license-days-to-expiry" content="365"/> <meta name="stp-license-is-admin" content="false"/> <meta name="stp-license-should-keep-banner-hidden" content="true"/><script>

window._AP = window._AP ||{};

window._AP.dialogOptions ={};

window._AP.inlineDialogOptions ={};</script>


<meta name="application-name" content="JIRA" data-name="jira" data-version="7.3.1"></head><body id="jira" class="aui-layout aui-style-default page-type-message" data-version="7.3.1" >
<div class="aui-page-panel"><div class="aui-page-panel-inner">
<section class="aui-page-panel-content">
<header class="aui-page-header"><div class="aui-page-header-inner">
<div class="aui-page-header-main">
<h1>Unauthorized (401)</h1>
</div><!-- .aui-page-header-main -->
</div><!-- .aui-page-header-inner --></header><!-- .aui-page-header -->
<div class="aui-message aui-message-warning warning">
<p>Encountered a <code>&quot;401 - Unauthorized&quot;</code> error while loading this page.</p>
<p><a href="/secure/MyJiraHome.jspa">Go to JIRA home</a></p>
</div>
</section><!-- .aui-page-panel-content -->
</div><!-- .aui-page-panel-inner --></div><!-- .aui-page-panel --></body></html>

 If SSO is not enabled then things work just fine and we are able to authenticate successfully. How do we authenticate against Crowd in order to issue jira-rest-api calls? Does our server need to be added to some whitelist within the target instance's Crowd configuration?