-
Bug
-
Resolution: Invalid
-
High
-
18
-
Severity 3 - Minor
-
3
-
Summary
Using cookies for REST API auth to retrieve information failing with 401.
/rest/api/2/issue/{issue_key}
Output:
< HTTP/1.1 401 Unauthorized
* Server nginx is not blacklisted
< Server: nginx
< Date: Tue, 01 Nov 2016 09:52:35 GMT
< Content-Type: application/json;charset=UTF-8
< Content-Length: 109
< Connection: keep-alive
< X-AREQUESTID: 712x16295x1
< X-ASEN: SEN-5941992
< X-AUSERNAME: anonymous
< X-ATENANT-ID: milkcoffee.atlassian.net
< Cache-Control: no-cache, no-store, no-transform
< X-Content-Type-Options: nosniff
< WWW-Authenticate: OAuth realm="https%3A%2F%2Fmilkcoffee.atlassian.net"
<
* Connection #0 to host milkcoffee.atlassian.net left intact
\{"errorMessages":["You do not have the permission to see the specified issue.","Login Required"],"errors":\{}}
Steps to reproduce
- Get a cookie from instance - curl -c cookies.txt -d "username=user_name&foobar" https://instance.atlassian.net/rest/auth/1/session
- Run a GET request for issue - curl -b cookies.txt https://instance.atlassian.net/rest/api/2/issue/ABC-1
- Error 401 will be returned
- relates to
-
JRASERVER-62515 The documentation for REST API Cookie authentication is incomplete (for Cloud)
- Gathering Interest
- is duplicated by
-
JCE-766 Loading...