Using OAuth 3LO Authentication Returns "401 Unauthorized; scope does not match" for Confluence API v2 Endpoints


    • 1
    • Minor

      Issue Summary

      Requests authenticated via Bearer Token (OAuth 3LO Authentication) fail with 401 error codes, returning "Unauthorized; scope does not match" even if the scope includes the necessary permissions.

      Steps to Reproduce

      1. Configure an OAuth app (https://developer.atlassian.com/cloud/confluence/oauth-2-3lo-apps/)
      2. Ensure that scope includes the necessary Granular Scopes to access the desired endpoint (i.e. "read:attachment:confluence" for attachments)
      3. Run a request authenticated with a valid token to retrieve attachments (Get Attachment by ID - API v2)

      Expected Results

      Attachment details are returned

      Actual Results

      401 "Unauthorized; scope does not match" is returned

      Workaround

      This does not happen when using REST v1 endpoints.

      Also, if the v2 endpoint is preferred, it is still possible to authenticate requests using Basic authentication.
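
A triage helper for the reproduction above, added here as an example and not part of the original report or Atlassian's code: it separates a 401 caused by a token that lacks the granular scope from the case described in this issue, where the scope is granted and the v2 endpoint still rejects it. It assumes the OAuth token response carries the granted scopes in a space-delimited `scope` field (RFC 6749); the operation label, function names and sample data are constructed for illustration.

```python
# Added example: triage a 401 from a Confluence v2 call made with a 3LO token.
REQUIRED_SCOPES = {
    # Pairing named in the report; the key label is this example's own.
    "GET attachment by id (v2)": "read:attachment:confluence",
}
SCOPE_ERROR = "scope does not match"


def granted_scopes(token_response):
    """Scopes granted at consent, read from the token response's
    space-delimited "scope" field (RFC 6749 section 3.3)."""
    return set(token_response.get("scope", "").split())


def triage(operation, token_response, status, body):
    """Classify one response against the scopes the token actually carries."""
    if status != 401 or SCOPE_ERROR not in body:
        return "not-a-scope-error"
    if REQUIRED_SCOPES[operation] not in granted_scopes(token_response):
        # Token lacks the scope: the 401 is expected until the app's
        # scope list is updated and the user re-authorizes.
        return "scope-missing"
    # Scope is present yet rejected: the behaviour this report describes.
    return "scope-granted-but-rejected"


# Constructed sample data (not captured from a real tenant).
TOKEN_WITH_SCOPE = {"access_token": "<redacted>",
                    "scope": "read:attachment:confluence read:page:confluence"}
TOKEN_WITHOUT_SCOPE = {"access_token": "<redacted>",
                       "scope": "read:page:confluence"}
BODY_401 = "Unauthorized; scope does not match"

if __name__ == "__main__":
    for tok in (TOKEN_WITH_SCOPE, TOKEN_WITHOUT_SCOPE):
        print(triage("GET attachment by id (v2)", tok, 401, BODY_401))
```

Only the `scope-granted-but-rejected` result corresponds to this issue; `scope-missing` points at the app's scope configuration or a token issued before the scope was added.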

              Assignee:
              Simon Kliewer
              Reporter:
              Leonardo H
              Votes:
              1
              Watchers:
              3

                Created:
                Updated:
                Resolved: