HTTP Basic authentication not working anymore for jira.atlassian.com REST API

Raimonds Simanovskis
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 15, 2015

Hi

We were using jira.atlassian.com REST API to load some test JIRA data in our eazyBI reporting application and we were using REST API with HTTP Basic authentication (as otherwise some APIs like "user" didn't return any results) and using our jira.atlassian.com username and password. At least still in January 30 it was working.
But couple days ago I discovered that simple https://jira.atlassian.com/rest/api/latest/serverInfo with my username and password in HTTP Basic authentication header returns 403 Forbidden response.
If I try another Atlassian JIRA site, for example, https://ecosystem.atlassian.net/rest/api/latest/serverInfo with HTTP Basic authentication then it still works.
Does anyone knows what has changed in jira.atlassian.com authentication in recent weeks and why Basic authentication is not working anymore?
Kind regards,
Raimonds

2 answers

2 votes
peterb
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 18, 2015

You have to use Atlassian ID when you are logging in to jira.atlassian.com.

I have tested these commands and they work for me.

 

  1. Log in using Atlassian ID Rest resource and retrieve token:
  2. curl \
        -i -X POST \
        -H "Content-Type: application/json"\
        --data '{"username": "foobar@example.com", "password": "foobar"}'

     

    Response:

     

    TTP/1.1200OK
    Server: nginx
    Date: Mon, 03Feb 201405:57:27GMT
    Content-Type: application/json
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Frame-Options: DENY
    P3P: CP="This is not a P3P policy! See http://www.atlassian.com/company/privacy for more info."
    Set-Cookie: __ATL_TOKEN=L33TT0KEN; Version=1; Domain=.atlassian.com; Path=/; HttpOnly
    {"username":"foobar@example.com","xsrfToken":"xsrfToken","firstName":"Foo","lastName":"Bar"}
  3. Use the given cookie __ATL_TOKEN for subsequent requests

     

    curl \
        -D- -X GET \
        -H "Cookie:__ATL_TOKEN=L33TT0KEN; Version=1; Domain=.atlassian.com; Path=/; HttpOnly"\

Raimonds Simanovskis
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 18, 2015

My question is about jira.atlassian.com. As I said I was using my Atlassian ID for HTTP Basic authentication and jira.atlassian.com REST API was working with it until end of January. But something has changed in February and now just for jira.atlassian.com site REST API with HTTP Basic authentication is returning 403 Forbidden response.

Like Artur Fazylov likes this
Nikita Marchenko February 18, 2015

The server at extranet.atlassian.com can't be found, because the DNS lookup failed. Can you provide another url?

peterb
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 23, 2015

I will copy content from that page and paste it in a new answer.

peterb
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 23, 2015

Actually, I've edited this question instead.

peterb
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 23, 2015

Aargh, I mean this answer to the question.

Raimonds Simanovskis
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
March 2, 2015

Thanks, this is working for us as a workaround. But do you know the reason why normal HTTP Basic authentication is not working anymore for jira.atlassian.com?

peterb
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 2, 2015

I'm told that it's because Atlassian ID is now mandatory on this server.

0 votes
Nikita Marchenko February 18, 2015

I have a problem with basic auth too. Got 401. I tried culr wget http python-request. Samples from https://developer.atlassian.com/jiradev/api-reference/jira-rest-apis/jira-rest-api-tutorials/jira-rest-api-example-basic-authentication don't work. Please help.

peterb
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 18, 2015

Are you querying jira.atlassian.com, a local dev instance of JIRA or another instance?

Nikita Marchenko February 18, 2015

mirantis.jira.com and https://vetakoko.atlassian.net

Nikita Marchenko February 19, 2015

I found solution. I use email as login instead of username in jira. Please write this to doc file.

Suggest an answer

Log in or Sign up to answer