Rest API requests NOT working with any other tool than "Rest API Browser" - received 403 forbidden error

I am working on REST API stuff and mainly working with "Rest API Browser" add-on.

Whenever i try to post any request from this add-on say creating test cycle, test steps etc the request gets proccessed within few mins with success code(200) however if i try to do same thing with any tool [say gatling] i am receiving an error 403-forbidden, i have rechecked all the request headers and those seems to be fine and correct.

 

I am not sure why i am not able to post the request through any other tool than "Rest API Browser" tool.

Kindly help me in getting this sorted.

Kind regards,

Siddhi.

1 answer

0 vote

Generally if you are having problems with making REST requests that are working in one tool but not others, this would point to an authentication issue of some kind. Are you able to provide examples of the type of REST API call you are trying to make, specifically where it is working and where it is not working?

What type of authentication are you passing through in the headers when you are not using Rest API browser?

Hi Jeff,

I want to create test plan/cycle in Jira for that I am using below JSON request:

{

           "clonedCycleId": "",

           "name": "Temp Test Cycle",

           "build": "",

           "environment": "Env",

           "description": "Creating new test cycle",

           "startDate": "",

           "endDate": "",

           "projectId": "12345",

           "versionId": "-1"

          }

and the API is: rest/zephyr/latest/cycle

also I am passing below request headers:

"User-Agent"  -> "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0",

"Accept-Encoding"  -> "gzip, deflate",

"AO-7DEABF"  -> "1v+f9MW2DCye5LYQR4YV772dXbRdUgbQG3/Ygwp2sUuPiexaqWDokYCYl0cvMWeim7M8Q91uRo9C5bjia/0bMQ==",

"Cookie"  -> "atlassian.xsrf.token=nocheck; JSESSIONID=${sessionID}",

"X-Atlassian-Token"  -> "nocheck",

"Content-Type" -> "application/json")

 

Please note i have added "X-Atlassian-Token"  -> "nocheck", in request headers because i got "XSRF Check failed error" and if i romove "X-Atlassian-Token"  -> "nocheck" the i received 403 forbidden error.

 

kindly help on the same.

 

Apologies I am not very familiar with the Zephyr APIs as they are not a native part of the Atlassian platform. However some quick googling indicates that you may be able to pass a base64 encoded version of a username/pwd hash in the headers (as shown in this ticket https://support.getzephyr.com/hc/en-us/community/posts/200998059-Authentication-issue-in-ZAPI) which might do the trick.

I also found this resource which has some example code to get you started, and that seems to confirm my suspicion above (https://support.getzephyr.com/hc/en-us/articles/202465959-Sample-Create-a-Test-Cycle-and-Add-Existing-Tests).

I tried to pass all the possible headers but still received 403-forbidden..

could you please help me in identifying the mandatory authentication headers which needs to be passed?

HI Jeff,

The issue is related to the custom value generation in the request header of the same API which is going to use the request header with the auto-generated value [here the value is AO-7DEABF].

Could u please assist me in handling the same? I want to extract this value from request header and want to pass it in the same request header.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published Thursday in Jira

5 ways you can make the most of Jira Software and Bitbucket Cloud

As part of the Bitbucket product team I'm always interested in better understanding what kind of impact the use of our tools have on the way you work. In a recent study we conducted of software devel...

82 views 0 5
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you