Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

JIRA REST API v3 returns 415 on OPTIONS method

Joel Kinzel
Joel Kinzel May 2, 2024

I'm attempting to hit the JIRA Cloud REST API v3 in a React application in order to automate some reports for my team. I am using the native fetch to make the call.

However, the pre-flight OPTIONS request that gets sent is returning a 415. I have the content type set to "application/json" (as well as the "accepts"). 

I more or less copied the NodeJS example from  the docs (swapping out for things within my Jira instance of course): https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-issue-search/#api-rest-api-3-search-post 

Any thoughts on what steps I could try next?

Answer
Watch
Like Be the first to like this
79 views

3 answers

1 accepted

0 votes
Answer accepted
Joel Kinzel
Joel Kinzel May 9, 2024

I was able to figure out what was happening. I am using create react app and http-proxy-middleware (per the CRA docs). HPM forwards all headers and because there is a User-Agent header attached to the POST request, Atlassian REST was rejecting it (even though the request was coming from Node and not the browser). I removed the User-Agent header and the request was able to complete.  

For those curious or running into a similar situation here is the code, specifically for http-proxy-middleware. 

app.use(
  '/api',
  createProxyMiddleware({
    target: JIRA_REST_URI,
    changeOrigin: true,
    logger: console,
    on:{
      proxyReq(proxyReq){
        proxyReq.setHeader('Authorization', `Basic ${Buffer.from(process.env.REACT_APP_JIRA_API_IDENTITY+':'+process.env.REACT_APP_JIRA_API_TOKEN).toString('base64')}`);
        proxyReq.setHeader('X-Atlassian-Token','no-check');
        proxyReq.removeHeader('User-Agent');
      }
    }
  })
);

 

Reply
0 votes
Joel Kinzel
Joel Kinzel May 3, 2024

See response below

Reply
0 votes
Francis Batilo
Francis Batilo
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 2, 2024

Hey @Joel Kinzel ,

From the error code, it seems that your authorisation and connection is there, however, it seems like the payload format isn't recognised. If you're using json, then is more often than not, likely a case of a single quote to double quotes problem. But I'm not sure.  Can you copy your code here but truncate any references to your Jira instance. I want to check it.

View More Comments
Joel Kinzel
Joel Kinzel May 3, 2024

Thanks Francis, I copied the code from the example. I've confirmed that the API key is being properly loaded in the call. As I mentioned, the issue appears to be the pre-flight OPTIONS request that Chrome sends. It returns a 415 and thus the POST never actually fires. I have tried adding "mode: cors" and "mode: no-cors" but those don't work either. Here is the fetch code:

const res = await fetch('https://acmeco.atlassian.net/rest/api/3/search', {
  method: 'POST',
  mode: "cors",
  headers: {
    'Authorization': `Basic ${Buffer.from('jkinzel@acmeco.com:'+process.env.REACT_APP_JIRA_API_TOKEN).toString('base64')}`,
    'Accept': 'application/json',
    'Content-Type': 'application/json'
  },
  body: `{
    "expand": [
      "names",
      "schema",
      "operations"
    ],
    "fields": [
      "summary",
      "status",
      "assignee"
    ],
    "fieldsByKeys": false,
    "jql": "project = \"AMP\"",
    "maxResults": 15,
    "startAt": 0
  }`
})

Here is the error I'm getting in the Chrome Developer Tools:

Access to fetch at 'https://acmeco.atlassian.net/rest/api/3/search' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Setting the request to "no-cors" won't work though because that prevents setting the "Content-Type" header. 

As I understand it, the API needs additional configuration to include the Allow-Origin Header mentioned above included with the OPTIONS response.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events