REST api interface. Server answer is 403 with X-Authentication-Denied-Reason: CAPTCHA_CHALLENGE.

Eric ROMON September 17, 2015

I have just signed up for an account at jira/atlassian/com.

I can successfully log in using the web interface, but I cannot login with basic authentication on the rest api interface.

Server answer is 403 with X-Authentication-Denied-Reason: CAPTCHA_CHALLENGE.

Though I can log without problem (and no captcha verification asked) at the regular login interface.

Any clue?

 

I have even tried to deliberately wrong log 5 times such as to be asked for a captcha and then log-in successfully. But when retrying to connect through the rest api, same 403 response.

Below, the full log of request and response:

* About to connect() to jira.atlassian.com port 443 (#0)
* Trying 131.103.28.11... * connected
* Connected to jira.atlassian.com (131.103.28.11) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_DHE_RSA_WITH_AES_128_CBC_SHA
* Server certificate:
* subject: CN=*.atlassian.com,O=Atlassian Pty Ltd,L=Sydney,ST=New South Wales,C=AU
* start date: Sep 17 00:00:00 2014 GMT
* expire date: Sep 20 12:00:00 2017 GMT
* common name: *.atlassian.com
* issuer: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
* Server auth using Basic with user 'eric.romon1627545656'
> GET /rest/api/latest/issue/DEMO-5152?expand=names HTTP/1.1
Authorization: Basic ZXJpYy5yb21vbjE2Mjc1NDU2NTY6TXkgSklSQSBQYXNzd29yZA==
Host: jira.atlassian.com
Accept: */*
Content-type: application/json

< HTTP/1.1 403 Forbidden
< Server: nginx
< Date: Thu, 17 Sep 2015 15:10:55 GMT
< Content-Type: text/html;charset=UTF-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-AREQUESTID: 910x18426623x2
< X-ANODEID: node2
< X-ASEN: TestSEN
< WWW-Authenticate: OAuth realm="https%3A%2F%2Fjira.atlassian.com"
< X-ASESSIONID: qnxw15
< X-Content-Type-Options: nosniff
< X-Authentication-Denied-Reason: CAPTCHA_CHALLENGE; login-url=https://jira.atlassian.com/login.jsp
< X-Robots-Tag: noarchive
< Vary: Accept-Encoding
< Set-Cookie: __atl_path=172.24.36.107.1442502655796815; path=/; expires=Sun, 14-Sep-25 15:10:55 GMT; domain=.atlassian.com
< Set-Cookie: JSESSIONID=DD95D0D5A996FAE4437B3C35BCECBF9A.node2; Path=/; Secure
<
* Connection #0 to host jira.atlassian.com left intact

1 answer

0 votes
Joacim Boive September 29, 2015

Have you checked:

https://developer.atlassian.com/jiradev/jira-apis/jira-rest-apis/jira-rest-api-tutorials/jira-rest-api-version-2-tutorial#JIRARESTAPIVersion2Tutorial-CAPTCHAs

You've probably tried to login too many times incorrectly.

No idea when it releases the Captcha Challenge once triggered...

Suggest an answer

Log in or Sign up to answer