Hello,
We recently upgraded our authentication on an application connected to Jira from Basic to OAuth. Upon doing so, a number of queries started to return 401 unauthorized, with the reason provided being an invalid oauth token.
I ran numerous queries to diagnose the issue, since it was the same token, through the same google oauth client as provided by Atlassian in the sample code for OAuth integration tutorial. I narrowed the issue down to an unconventional approach one of my developers had used in adding fields to queries.
For example
https://ems.edaptive.com/ems/rest/api/2/search?jql=issuetype+in+%28Sub-task%29+AND+Sprint+%3D+2388&fields=customfield_15102&fields=customfield_15103
would fail, while
https://ems.edaptive.com/ems/rest/api/2/search?jql=issuetype+in+%28Sub-task%29+AND+Sprint+%3D+2388&fields=customfield_15102,customfield_15103
passes when using OAuth. When using Basic user-pass authentication, both queries pass and return data.
I also tested on version 3, latest (per https://jira.atlassian.com/browse/JRACLOUD-72126) and various complexities of query, some nested and not, non-custom fields (due to old bug), etc. The consistent failure point was multiple &fields= appearing in the query.
We've eliminated the unconventional approach to fields selection in queries as a workaround. We are reporting the issue for Atlassian's awareness.
