Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Jira api get all boards returns 403 forbidden

Hi, I have a node js site that uses Oauth 2 to authenticate with Jira.
Followed this documentation. https://developer.atlassian.com/cloud/jira/platform/oauth-2-authorization-code-grants-3lo-for-apps/

Authentication part seems to work fine. I get the authToken and cloudId and
when I make a request to get all projects or an issue with id, then every thing works fine.
But when I try to get all issues or boards then I get the "403 Forbidden" error.

Request headers
method: "GET",
headers: {
  'Authorization': 'Bearer {access_token}' ,
  'Accept': 'application/json'
}

Request url
https://api.atlassian.com/ex/jira/{cloud_id}/rest/api/3/issue/{id} - returns issue
https://api.atlassian.com/ex/jira/{cloud_id}/rest/api/3/project- returns all projects

https://api.atlassian.com/ex/jira/{cloud_id}/rest/api/3/issue - returns 403
https://api.atlassian.com/ex/jira/{cloud_id}/rest/api/3/board- returns 403


So what am I missing here, why cant i get boards and issues?

2 answers

1 accepted

1 vote
Answer accepted
Dario B Atlassian Team Nov 14, 2018

Hi @Tõnu Roosi,

 

I cannot find anywhere documented that there is an endpoint to GET all the issues. The only documentation I have found for the endpoint /rest/api/3/issue is the below one and it is actually to create an issue using POST:

 

Then, same as above, there is no rest/api/3/board endpoint. The one to get all boards is actually /rest/agile/1.0/board. Find the documentation below:

 

Cheers,
Dario

Hi Dario,

thank your for the replay.

I solved the issue problem using search.  /rest/api/3/search/?jql={search_params}
But I still have problem getting all the boards.
Unfortunately /rest/agile/1.0/board also returns the 403 error.

 

Regards,
Tõnu

Dario B Atlassian Team Nov 15, 2018

Can you make sure the user has Jira Software rights and access to at least one boad?

 

You can doble-check this by logging into the instance, e.g. https://something.atlassian.net, and then navigate to the same rest endpoint by pasting below url in your Internet browser address bar:

https://something.atlassian.net/rest/agile/1.0/board

Yes, user has Jira Software rights.
When I log into my Jira and navigate to the .../rest/agile/1.0/board then I get a list of boards as expected.

Dario B Atlassian Team Nov 15, 2018

Then something is going wrong when authenticating the request in the code. Can you try if this works with curl as well?

Also, do you get any error message together with the 403? 

Hi,
with curl it's the same.
curl -u user:pass https://something.atlassian.net/rest/agile/1.0/board returns all boards.

But
curl -H "Accept: application/json" -H "Authorization: Bearer {accessToken}" https://api.atlassian.com/ex/jira/{cloudId}/rest/agile/1.0/board returns "Forbidden 403"

No errors beside 403.

Dario B Atlassian Team Nov 16, 2018

Hi @Tõnu Roosi

If this is the case then you may want to either:

Hi,

Thanks for the advice.
I'll ask around in dev community.

Regards,
Tõnu

@Dario B @Tõnu Roosi - Calls using 3LO (OAuth2) against the rest/agile APIs (Jira Software, and not Jira Platform) are not yet supported. This took me a bit to figure out, so I wanted to post it here for clarity. It is on the Atlassian roadmap (they in fact released Confluence support for 3LO auth only a few months ago)

Dario B Atlassian Team Apr 08, 2020

Hi @Jason Immerman , 

I can see that indeed the documentation for Jira Sofware  says this is not supported:

 

While we have this documented for Jira Core  and Jira Service Desk:

 

But at the same time, there is below page explaining how to use Oauth2 to integrate with Jira Software:

 

I am getting in touch with DEV to get some clarity on this. I will try to update below public issues as soon as I have more details.

 

Please set yourself as a watcher to them so that you will be notified 

Cheers,
Dario

Got it, thanks for the comprehensive reply @Dario B - I am watching those issues and look forward to learning more!

Like Dario B likes this
Dario B Atlassian Team Apr 08, 2020

You are very welcome @Jason Immerman ! :)

After reviewing everything I strongly believe the answer is already in the quoted text of my previous answer:

This page provides instructions on implementing OAuth 2.0 authorization and calling the builds API, deployments API and development information API.

 

The above APIs are only a subset of the ones available for JSW Cloud (below):

Therefore, I assume this is still under development and slowly the other endpoints will be added. 

However, this is the idea I got by reviewing the documentation. I have already asked the team working on this to clarify. I should get an answer in the next days.

 

Cheers,
Dario

Dario B Atlassian Team Apr 14, 2020

Hello @Jason Immerman ,

I got confirmation that Oauth2 is indeed supported only for a subset of the endpoints available for Jira Software Cloud. For this reason I have opened the below feature request:

You may want to vote and watch the above feature request so that you will get notified in case of any update. The  feature will be addressed according to the Implementation of New Features Policy.

 

Cheers,
Dario

Like Yatish Madhav likes this

Thanks @Dario B! Definitely makes my life easier to watch a single ticket. I really appreciate your help.

Like Dario B likes this

Thank you for this thread and the issue you have created to watch - I am trying to use our private connect app to make REST API calls using JWT. It seems to be returning 403 for this endpoint https://developer.atlassian.com/cloud/jira/software/rest/api-group-other-operations/#api-agile-1-0-board-get - I even saw it the app/system user has permissions and it seems it does have access and SD and Software.

However when I do any request to the Cloud API, it works fine. Any idea why or what the issue is?

Thank you in advance

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you