It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

REST + SSO + Atlassian Account + JIRA

My understanding from this question about HTTP Basic authentication not working anymore for is that the workflow should be something like the following:

  1. Post username/password to
  2. Retrieve the __ATL_TOKEN cookie sent in the response to a successful login above
  3. Use the provided __ATL_TOKEN in subsequent requests to

If this is correct, then perhaps this no longer works or there is a PEBKAC.

If this workflow is not correct, what should I be doing to ensure that I can use Atlassian Accounts through REST for JIRA?

Thanks in advance,


2 answers

1 accepted

1 vote
Answer accepted

Are you just trying to use basic auth to log in to your Cloud JIRA instance (for example https://{your-instance-name}

Or are you trying to log in to (Atlassian's public-facing issue tracker) specifically?

Hi Sam,

Thanks for looking. I'm trying to use the REST API on my instance.

I am not using any "auth" on the JIRA side, but trying to figure out which cookies need to be set and where to get them from. What I have pieced together based on my experimentation with cURL and looking at cookies in the browser is that I have to get the following cookies:

  • studio.crowd.tokenkey

I can get the first two, but not the last. I'm not sure how that is set, or where it comes from.

Does a cURL using basic auth not work for you? This works OK for me:

curl -D- -u user\ -X GET -H "Content-Type: application/json"

Note I use my Atlassian Account login details (so email address and password, instead of username and password).

Based on this example:

To do cookie-based auth, I log in over REST using POST /rest/auth/1/session and use the resulting session cookie in subsequent requests along the lines of the example here.

Edit: updated links to point to the newer versions of the cloud REST API docs. 

This does not work for me. I believe the reason is due to the recent upgrade to Atlassian accounts (SSO).

Can you post an example of the cURL request you are doing? With generic password and URL, of course : )


curl -i -X POST -H "Content-Type: application/json" --data '{"username":"","password":"password"}'

-> results in __ATL_TOKEN cookie


curl -k --cookie "__ATL_TOKEN=<the value>; Version=1;; Path=/; HttpOnly; Secure"

-> results in JSESSIONID


curl -k --cookie "__ATL_TOKEN=..." --cookie "JSESSIONID=..."

-> 401

Note that the second step doesn't really seem to do anything.

I think you just need to do this:

1) curl request to your cloud instance:

curl -i -H "Content-Type: application/json" -X POST -d '{"username":"username","password":"password"}'

 (note this request takes username, not email address)

 -> results in a JSON response that contains something like:


The session name somename might be one of 'studio.crowd.tokenkey' OR  'JSESSIONID' OR 'cloud.session.token'

2) curl request using the session name and the token value from the JSON response in step 1.

So, if session name was studio.crowd.tokenkey, then use:

curl -v --cookie "studio.crowd.tokenkey=6E348...."

Or if session name was cloud.session.token, then use:

curl -v --cookie "cloud.session.token=6E348...."

This works for me. Let me know if it solves or if you have further issues and I'll try to help again.

I get the following after step 1:

{"errorMessages":["Login failed"],"errors":{}}

I get this whether it's my username, or my email.

I only get the error if I am using incorrect username/password.

Does the password you are using defintely log you in to https://{your-instance-name}

It sounds like you must be tying to log in/out through the browser in order to look at the cookies, but I thought I should check.

If you haven't tried already, go to and logout. Then go https://{your-instance-name} and try to login.

Atlassian invalidated some Atlassian Account passwords recently (read this security notice for more info). Is there a chance your account was affected and you need to reset your password?

Perhaps try change your password via: in case that sorts things out.

Assuming you are an admin on the instance, go to https://{your-instance-name} and double check you are using the right username.

By co-incidence, there have been many login-related problems with Atlassian services today. Atlassian are still monitoring the problem, so perhaps there is a chance you are still affected. You could request support from Atlassian via 

Other than that, I'm not sure what else I could be missing. I'm not aware of anything in the Atlassian Account migration that changes the login method. I use my Atlassian Account to log in to several different instances and have no problems with the REST API - using either basic auth or getting a session token using /rest/auth/1/session and using cookie-based-auth.

You don't use SAML SSO to log in, do you?

Atlassian recently converted my account to an "Atlassian Account"

My understanding is that I am technically using SSO: The Atlassian edition.

I believe this is the underlying issue:


Well this is odd... I changed my password, then tried to login through REST using just my username (not email) and it worked.

Great! Glad it worked in the end.

Maybe the change ironed out some problem hanging over from today's login issues.

Do both methods now work for you?

Basic Auth with email + password (In this request, I use '\' to escape the @ sign):

curl -D- -u yourname\ -X GET -H "Content-Type: application/json"

Cookie-based with username + password:

curl -i -H "Content-Type: application/json" -X POST -d '{"username":"username","password":"password"}'


p.s. Another thing to check would have been if you had tiggered a CAPTCHA which was preventing login:


"CAPTCHA is ‘triggered’ after several consecutive failed log in attempts, after which the user is required to interpret a distorted picture of a word and type that word into a text field with each subsequent log in attempt. If CAPTCHA has been triggered, you cannot use JIRA’s REST API to authenticate with the JIRA site.

You can check this in the error response from JIRA – If there is an X-Seraph-LoginReasonheader with a a value of AUTHENTICATION_DENIED, this means the application rejected the login without even checking the password. This is the most common indication that JIRA’s CAPTCHA feature has been triggered."

I guess you must be right. Both methods work... Though, according to the documentation, the second one shouldn't :-/

Edit: I did check for a CAPTCHA. This isn't my first Atlassian REST login rodeo ;-)

Which docs say the 2nd one shouldn't?

I saw it here:

> Before your users' accounts upgrade to Atlassian account, REST APIs that accept user credentials expect a username and password. After the upgrade, REST APIs that accept Atlassian account user credentials expect a verified email address instead of a username.


Oh. I'd seen that one, but I had somehow interpreted that as only applying when doing basic auth, but not when logging in and getting a cookie using /rest/auth/1/session.

But now you point it out, it doesn't make any distinction like that at all!

I guess I got it in my mind since the Cloud REST API spec and developer docs examples all show username rather than email in the example JSON data for posting to /rest/auth/1/session.


Eh, behind big companies are still people. I guess I should file a bug but hopefully this discussion has enough keywords to show up in web searches.

Thanks for your help Sam!

I too can no longer authenticate to our cloud instance using basic auth.  We are using Google/G Suite authentication and Atlassian have mandated enabling the Atlassian Account support this week.  We've enabled that and now can't use basic authentication to authenticate to the REST API.

We were previously using email/password for the instance.  That stopped working, but the email/password from is also not working.

Also just done basic test with curl ... no luck.

I've raised a support request, but if anyone has any ideas I'd love to hear them.

Hi Matt - it's probably worth asking a new question here in the community about that. 

Mention Google/G Suite in the question title and it will make it much clearer to people what you need help with and avoid confusion with Sohail's question here, which is not to do with Google/G Suite authentication.

People are more likely to find your question and help if it is posted as a new unanswered question, rather than in a comment on this thread, which is marked as 'solved'.

Anyway, I'm guessing you already tried all the stuff suggested above?

Did you also have look at this old question which might help with some things to try?:

Hey @Sam_Hall  - I'm trying to do a simple GET request to see the list of issues assigned to a user, it constantly gives me a 401. I tried changing my password, logging out and logging in back with the new password, I was able to login. But the curl request gives me a 401 every time. We are using JIRA 7 and I believe the Access to allow REST API integration is enabled by default. Could you please help me out here?


curl -D- -u emailaddress:password -X GET -H "Content-Type: application/json"

Hey @sam  - I am trying to do a simple GET to see all the issues assigned to a particular user. But I am constantly getting a 401. I've tried resetting my password, logging out and logging in, but doesn't seem to help. Could you please help me out here?


curl -D- -u email\ -X GET -H "Content-Type: application/json" https://mydomain/rest/api/2/issue/?jql=assignee=emailaddress

0 votes

For a single solution to using SSO with your Atlassian products, consider Crowd 3.4 with its SSO 2.0 - Crowd’s single point of access for Jira, Jira Service Desk, Bitbucket, and Confluence across different domains with one common login page.

but that all are not free/open source and for small cos it is too big amount to pay. can you suggest any free implementation for sso to use here in jira and confluence

What about supporting login through Okta's SSO? Lots of companies are using this and it is currently not working.

Like # people like this

Suggest an answer

Log in or Sign up to answer

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you