I'm attempting to hit the JIRA Cloud REST API v3 in a React application in order to automate some reports for my team. I am using the native fetch to make the call.
However, the pre-flight OPTIONS request that gets sent is returning a 415. I have the content type set to "application/json" (as well as the "accepts").
I more or less copied the NodeJS example from the docs (swapping out for things within my Jira instance of course): https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-issue-search/#api-rest-api-3-search-post
Any thoughts on what steps I could try next?
I was able to figure out what was happening. I am using create react app and http-proxy-middleware (per the CRA docs). HPM forwards all headers and because there is a User-Agent header attached to the POST request, Atlassian REST was rejecting it (even though the request was coming from Node and not the browser). I removed the User-Agent header and the request was able to complete.
For those curious or running into a similar situation here is the code, specifically for http-proxy-middleware.
app.use(
'/api',
createProxyMiddleware({
target: JIRA_REST_URI,
changeOrigin: true,
logger: console,
on:{
proxyReq(proxyReq){
proxyReq.setHeader('Authorization', `Basic ${Buffer.from(process.env.REACT_APP_JIRA_API_IDENTITY+':'+process.env.REACT_APP_JIRA_API_TOKEN).toString('base64')}`);
proxyReq.setHeader('X-Atlassian-Token','no-check');
proxyReq.removeHeader('User-Agent');
}
}
})
);
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey @Joel Kinzel ,
From the error code, it seems that your authorisation and connection is there, however, it seems like the payload format isn't recognised. If you're using json, then is more often than not, likely a case of a single quote to double quotes problem. But I'm not sure. Can you copy your code here but truncate any references to your Jira instance. I want to check it.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Francis, I copied the code from the example. I've confirmed that the API key is being properly loaded in the call. As I mentioned, the issue appears to be the pre-flight OPTIONS request that Chrome sends. It returns a 415 and thus the POST never actually fires. I have tried adding "mode: cors" and "mode: no-cors" but those don't work either. Here is the fetch code:
const res = await fetch('https://acmeco.atlassian.net/rest/api/3/search', {
method: 'POST',
mode: "cors",
headers: {
'Authorization': `Basic ${Buffer.from('jkinzel@acmeco.com:'+process.env.REACT_APP_JIRA_API_TOKEN).toString('base64')}`,
'Accept': 'application/json',
'Content-Type': 'application/json'
},
body: `{
"expand": [
"names",
"schema",
"operations"
],
"fields": [
"summary",
"status",
"assignee"
],
"fieldsByKeys": false,
"jql": "project = \"AMP\"",
"maxResults": 15,
"startAt": 0
}`
})
Here is the error I'm getting in the Chrome Developer Tools:
Access to fetch at 'https://acmeco.atlassian.net/rest/api/3/search' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Setting the request to "no-cors" won't work though because that prevents setting the "Content-Type" header.
As I understand it, the API needs additional configuration to include the Allow-Origin Header mentioned above included with the OPTIONS response.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.