Getting 401 when creating Crucible Review from REST API

I'm trying to create review from Fiddler composer:

POST http://crucible.dev/rest-service/reviews-v1?FEAUTH=crucible:66:98ed811f41548484bb1f83503c287664 HTTP/1.1
User-Agent: Fiddler
Host: crucible.dev
Content-Length: 393
Content-Type: application/json

{
  "reviewData" : {
    "projectKey" : "CR",
    "name" : "R1234",
    "description" : "Review R1234",
    "author" : {
      "userName" : "someUser"
    },
    "moderator" : {
      "userName" : "someUser"
    },
    "creator" : {
      "userName" : "someUser"
    },
    "state" : "Review",
    "type" : "REVIEW",
    "allowReviewersToJoin" : true
  }  
}

But it returns 401 (see response below). The user "crucible" exists and is admin. Creating review from web UI under this user is ok. The request of all reviews (GET http://crucible.dev/rest-service/reviews-v1?FEAUTH=crucible:66:98ed811f41548484bb1f83503c287664) returns 200 OK and contains all reviews. 

So is create review request correct? Maybe it should use some other auth?

HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Length: 24263
Content-Type: application/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/8.5
Set-Cookie: remember=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;HttpOnly
WWW-Authenticate: OAuth realm="http%3A%2F%2Fcrucible.dev"
WWW-Authenticate: OAuth realm="http%3A%2F%2Fcrucible.dev"
X-UA-Compatible: IE=Edge
X-AUSERNAME: crucible
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Thu, 25 May 2017 14:24:37 GMT

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><code>Authorization</code><message>Crucible unauthorised action.</message><stacktrace>com.atlassian.crucible.spi.services.AuthorizationException: Crucible unauthorised action.
	at com.cenqua.crucible.model.managers.impl.DefaultReviewManager.changeState(DefaultReviewManager.java:1000)
	....
at java.lang.Thread.run(Thread.java:679) </stacktrace></error>

 

1 answer

1 accepted

After some expirements I've found out that "creator" should be same as authenticated user.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published yesterday in Jira Software

How large do you think Jira Software can grow?

Hi Atlassian Community! My name is Shana, and I’m on the Jira Software team. One of the many reasons this Community exists is to connect you to others on similar product journeys or with comparabl...

347 views 4 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you