Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

PowerShell based REST API authentication fails uisng token

Deleted user March 11, 2018

I'm using PowerShell's Invoke-RestMethod applet to make a basic authenticated connection to the Jira Cloud REST API.

When I form the header using a Basic username:plaintextpassword pair that is then Base64 encoded before submission, everything works just fine. When I substitute my token for the password then Base64 encode the pair, as described in the REST API documentation, the authentication fails.

Here is my PowerShell sample:

    $pair = "name@company.com:Kt5p2nfqTsqnvljKXpB6FCG3"
    $bytes = [System.Text.Encoding]::ASCII.GetBytes($pair)
    $base64 = [System.Convert]::ToBase64String($bytes)
    $basicAuthValue = "Basic $base64"
    $headers = @{ Authorization = $basicAuthValue }

    Invoke-RestMethod -Uri https://jira.mycompany.com/rest/api/2/project -Method Get -Headers $headers

 

Answer
Watch
Like Be the first to like this
11049 views

2 answers

1 accepted

0 votes
Answer accepted
Deleted user March 13, 2018

Turns out that our company's Jira Cloud instance doesn't have 2FA enabled, so no authentication can be done with a token.

I'm assuming for the moment that my PowerShell method for encoding and submitting the token is correct, but the destination Jira server is doing the right thing and declining to accept that method of authentication. Looks like I'll be sticking with plain authentication for the time being.

Reply
0 votes
Krishnanand Nayak
Krishnanand Nayak
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
March 11, 2018

try adding this :  $headers["X-Atlassian-Token"] = "nocheck"

Also there is PowerShell module called JiraPS (https://atlassianps.org/). It handles the authentication very well.

View More Comments
Deleted user March 11, 2018

Nope, adding that field to the header didn't work. Still get a (401) Unauthorized error back from the Jira server. The plain password method with that extra header field connects OK though.

I think it's an issue with Jira's Two-Step verification, which needs to be enabled for the token to be accepted. I think because our Jira Cloud instance uses external authentication, the 2FA doesn't apply, so the token is being rejected. I'm in contact with our sysadmins now to see if that is the cause.

Yeah, I saw that JiraPS PowerShell module, but would prefer to solve the problem with the native method if I can.

Like
Krishnanand Nayak
Krishnanand Nayak
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
March 11, 2018

Here is the code i am using for me server instance:

 

function ConvertTo-Base64($string) {
 $bytes = [System.Text.Encoding]::UTF8.GetBytes($string);
 $encoded = [System.Convert]::ToBase64String($bytes);
 return $encoded;
}

function Get-HttpBasicHeader([string]$username, [string]$password, $Headers = @{}) {
 $b64 = ConvertTo-Base64 "$($username):$($Password)"
 $Headers["Authorization"] = "Basic $b64"
 $Headers["X-Atlassian-Token"] = "nocheck"
 return $Headers
}
Like # people like this
Deleted user March 12, 2018

Turns out that our company's Jira Cloud instance doesn't have 2FA enabled, so no authentication can be done with a token.

I'm assuming for the moment that my PowerShell method for encoding and submitting the token is correct, but the destination Jira server is doing the right thing and declining to accept that method of authentication. Looks like I'll be sticking with plain authentication for the time being.

 

PS. The X-Atlassian-Token field is only of use when submitting tasks or activities with files attached. It has no use on any other requests.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events