Details
-
Bug
-
Resolution: Invalid
-
High
-
18
-
Severity 3 - Minor
-
3
-
Description
Summary
Using cookies for REST API auth to retrieve information failing with 401.
/rest/api/2/issue/{issue_key}
Output:
< HTTP/1.1 401 Unauthorized * Server nginx is not blacklisted < Server: nginx < Date: Tue, 01 Nov 2016 09:52:35 GMT < Content-Type: application/json;charset=UTF-8 < Content-Length: 109 < Connection: keep-alive < X-AREQUESTID: 712x16295x1 < X-ASEN: SEN-5941992 < X-AUSERNAME: anonymous < X-ATENANT-ID: milkcoffee.atlassian.net < Cache-Control: no-cache, no-store, no-transform < X-Content-Type-Options: nosniff < WWW-Authenticate: OAuth realm="https%3A%2F%2Fmilkcoffee.atlassian.net" < * Connection #0 to host milkcoffee.atlassian.net left intact \{"errorMessages":["You do not have the permission to see the specified issue.","Login Required"],"errors":\{}}
Steps to reproduce
- Get a cookie from instance - curl -c cookies.txt -d "username=user_name&foobar" https://instance.atlassian.net/rest/auth/1/session
- Run a GET request for issue - curl -b cookies.txt https://instance.atlassian.net/rest/api/2/issue/ABC-1
- Error 401 will be returned
Attachments
Issue Links
- relates to
-
JRASERVER-62515 The documentation for REST API Cookie authentication is incomplete (for Cloud)
- Gathering Interest
- is duplicated by
-
JCE-766 Loading...