Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal


  • Give kudos
  • Received
  • Given


  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

REST API not returning any data with API token

Hi all,

We are currently switching to API token-based authentication to query the JIRA Cloud REST API, using a fork of maven-changes-plugin.

This was working previously using a username/password Basic Auth authentication scheme, but now this is failing big times using the API token instead of the password.

Authentication looks ok, since we get a 200 OK back from the server, but attempting to query (for instance) the list of projects that the user can see always returns back with an empty array:

curl -v -u 'username:apitoken'

Authorization: Basic cGRvs67.....
HTTP/2 200


Obviously, the user can login successfully in the UI, see and browse many projects...

Any idea?

2 answers

1 accepted

1 vote
Answer accepted
Andy Heinzer Atlassian Team Jun 27, 2019

Hi Pascal,

I see that you are running into authentication errors when trying to switch from the deprecated password to use the API token for a Cloud REST API call.

The use of the API token is slightly different than using a cleartext password.  You can't just substitute that token for the password itself.  Instead you need to create a string of your


and then base64 encode that string.  Once you do that, you have to supply that string as part of a header in your request.  More details in

Supplying basic auth headers

If you need to, you may construct and send basic auth headers yourself. To do this you need to perform the following steps:

  1. Generate an API token for Jira using your Atlassian Account:
  2. Build a string of the form useremail:api_token.
  3. BASE64 encode the string.
  4. Supply an Authorization header with content Basic followed by the encoded string. For example, the string fred:fred encodes to ZnJlZDpmcmVk in base64, so you would make the request as follows:
curl -D- \
-X GET \
-H "Authorization: Basic ZnJlZDpmcmVk" \
-H "Content-Type: application/json" \

Try this and let me know the results.


Hi Andy,

That works perfectly.

The problem I was running into is that I was using the username and not the email address.

The doc that you referred to was the one I was using - but I'm afraid that it was not extra-clear to me, see section "Getting your API token":

You can generate an API token for your Atlassian account and use it to authenticate anywhere where you would have used a password.

So that's what I did, but definitely overlooked the rest because I'm not building the Authorization header myself (curl or the HTTP library does it all for me).

Therefore I did not detect that I had to switch to the email address as well instead of username...

Thanks a lot!

Like # people like this

This doesn't work.

I've used my user email:api_token and I can connect just fine.

-u  // WORKS

When I convert that same string into base64 and use that it 400s every time.

-H "Authorization: Basic AbCdE123F=="  // FAILS 


I managed to solve mine. Turns out I was using the wrong Base64 encryption. There are many types, make sure you're using the right one.

Hi Andy, 

i created an API token using my email address.


  1. Build a string of the form useremail:api_token.
  2. BASE64 encode the string

(actually postman do that automatically but i also tried encoding manually)


Supply an Authorization header with content Basic followed by the encoded string..

still getting Unauthorized (401)


trying to hit


any ideas? do my company requires to do some additional setup??

Andy Heinzer Atlassian Team Dec 10, 2019

Hi Juan,

The steps we have above are specifically for using Atlasisan Cloud.  In those cases, the URLs will be either or a domain.  In your case, it looks like a non-Atlassian Cloud domain.  Meaning that this is likely running a Jira Server and not Jira Cloud.

Atlassian offers our Cloud sites the ability for end users to create API tokens.  However Server products do not currently offer the exact same feature.   So while Jira Cloud you can encode the username:apitoken into a base64 string, for Jira Server, you just use the username:password when encoding the string.  More details for Server basic auth in .

Try that instead.


Suggest an answer

Log in or Sign up to answer

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you