jQuery ajax post not working, authorization error... Edited

Hi guys,


I´ve been trying to create an "JIRA Issue" via jquery ajax (cross domain).

I don't want to use cors.

Here follows my code:

$("#buttonPost").click(function () {
type: "POST",
dataType: "json",
crossDomain: true,
processData: false,
url: inputUrl,
data: JSON.stringify(inputData),
headers: {
'Content-Type': 'application/json',
'Authorization': 'Basic *********',
'X-Atlassian-Token': 'no-check',
'Access-Control-Allow-Origin': '*'
success: function (response) {
error: function (error) {

 PS: Authorization token was erased.





OPTIONS https://********:8443/rest/api/2/issue HTTP/1.1
Host: altdev.altitude.com:8443
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://localhost:52193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36
Access-Control-Request-Headers: access-control-allow-origin,authorization,content-type,x-atlassian-token
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,es-ES;q=0.8,es;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,pt-BR;q=0.2,pt;q=0.1,pt-PT;q=0.1


HTTP/1.1 200
X-AREQUESTID: 739x2175x1
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-ASEN: SEN-7187215
Set-Cookie: atlassian.xsrf.token=B04D-2SOY-GV2A-7GH5|c8b0b46c2a5fb658f8934b91aa120672832acb80|lout;path=/;Secure
X-AUSERNAME: anonymous
Cache-Control: no-cache, no-store, no-transform
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Tue, 29 May 2018 11:19:03 GMT


Failed to load https://*************:8443/rest/api/2/issue: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:52193' is therefore not allowed access.


Again, I just want to create a new issue on a specific project, using my authorization token.

I´ll be glad if someone help me with it, it´s been a long and hard situation.

Thank you in advance.


1 answer

0 votes

Hi Breno, 

A little bit late but posting this with the hopes that you were able to resolve this and the information will help someone else. 

This is a security feature of web browsers called Same Origin Policy. You cannot make an AJAX call to a URL that is on a different domain than where the JavaScript was loaded from (ie. has the "same origin").

There are a number of ways to work around this, the two most common ones are:

  1. Serve your JavaScript from the remote server, instead of the host server.
  2. Make the remote server respond with the correct Cross Origin Resource Sharing ("CORS")headers that will let the browser relax this security policy.

While I see that you do not want to use CORS, please note for CORS, you'll need to configure Jira's whitelist: Configuring the whitelist. More information on this topic can be found in another community post: Rest call to Jira in Jquery results in error No Access Control


Suggest an answer

Log in or Sign up to answer
Community showcase
Published Mar 14, 2019 in Jira

Updates to jira.atlassian.com give you visibility into what's coming in Jira Server and Data Center

Hello, Community! My name is Gosia and I'm a Product Manager on Jira Server and Data Center here at Atlassian. Since 2002 when we launched our public issue tracker, jira.atlass...

629 views 1 15
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you