"Issue does not exist or you do not have permission to see it." -Postman REST API

Cameron Loperfido July 20, 2023

Hi all, I cannot get past this 404 error.

  • The account I'm using is the org admin.
  • I can view the data by entering the url into edge.
  • I've tried creating new api keys.

I am at a loss, please help.

image.png

2 answers

1 accepted

0 votes
Answer accepted
Cameron Loperfido August 1, 2023

There are two places to generate APIs within the Atlassian cloud environment.

  1. https://id.atlassian.com/manage-profile/security/api-tokens:
    -For APIs specific to user access.
  2. Atlassian Administration -> Setttings -> API Keys:
    -For APIs that manage the org.

 

I was trying to use the later, not realizing the former existed..

0 votes
Hyrum Steffensen _Appfire_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 20, 2023

Hello Cameron,

This is an interesting issue. I tried the following curl and was able to reproduce your results (the 404 error).

curl -v -u "user:pass" \
--url "http://localhost:8080/rest/api/3/issue/DEMO-1"

I then changed the API version to 2 and it worked as expected.

curl -v -u "user:pass" \
--url "http://localhost:8080/rest/api/2/issue/DEMO-1"

This is a bit curious as I have never come across this before. I checked the Atlassian documentation and both version 2 and 3 support the same authentication. According to the documentation, the difference in versions should not make any difference when it comes to authentication.

https://developer.atlassian.com/cloud/jira/platform/rest/v3/intro/#version

When I compare the verbose response from the curl, the only difference I see that sticks out is the "content security policy".

Screenshot 2023-07-20 at 6.04.15 PM.png

I tried this using a different Jira version (going from Jira 8.22.6 to 9.4.2) and neither version worked. However, I still see the "self" content security policy when the curl request does not work. I searched Google for "jira rest content security policy" and am seeing some interesting results. I believe this would be the place to start.

See this Atlassian documentation on Jira security headers. I believe this will resolve the issue.

https://confluence.atlassian.com/jirakb/security-headers-in-jira-939919914.html

Here are some suggested troubleshooting steps:

  • Try a different API version.
  • Try an older version of Jira.
  • Export the Postman content to curl and try the curl verbose flag.
  • Compare the verbose success response with the verbose failing response using git diff (or a similar feature in an IDE).
  • Google "jira rest content security policy" for other ideas

Please let me know how it goes!

Hyrum

Cameron Loperfido July 21, 2023

Thank you so much for your response Hyrum! Unfortunately I am new to postman and API calls. I tried changing the get request to rest/api/2/, with no luck. I am using cloud so I cannot change the version of the Atlassian environment.

I'm not sure what you are asking here,

  • "Export the Postman content to curl and try the curl verbose flag."

But. I know what curl is and where to find the code snippet in postman, and what Atlassian recommends.

Hyrum Steffensen _Appfire_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 21, 2023

Sure thing, Cameron!

If you are using Jira Cloud, then none of the troubleshooting steps I suggested above apply. I tried a basic REST call using Postman to my Jira Cloud test instance and the only way I could make it not work was to pass incorrect authentication. Try creating a new API key and test again.

When using curl, the verbose flag is useful in troubleshooting because it returns additional information you normally would not see. Here is what it looks like:

curl -v

Here is what my curl looks like after I exported it from Postman.

curl --location 'https://<BASE_URL>.atlassian.net/rest/api/2/issue/EX-1' \
--header 'Authorization: Basic CALCULATED_HASH'

Long story short, I think your Postman configuration is just fine. Check the authentication.

Hyrum

Cameron Loperfido August 1, 2023

Turns out, I was trying to apply the org management API key from Atlassian Admin, not the one from my own Atlassian account. We got there, Hyrum! Thanks again for trying to help.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events