Uploaded image for project: 'Jira Cloud'
  1. Jira Cloud
  2. JRACLOUD-65287

The the os_username parameter has been blocked but it is still used in the users onboarding notifications

    XMLWordPrintable

Details

    Description

      Summary

      In the notification sent to the users generate their first password, the button Set my password does not work since it contains the os_username url parameter that has been blocked as documented in the JIRA and Confluence Cloud os_username and os_password embedded in URL no longer available KB article.

      Indeeed, when clicking on the "Set my Password" button the users are sent to a link like the below one:

      Environment

      JIRA Cloud 1000.747.0

      Steps to Reproduce

      1. Invite a new user to the instance, e.g. by using the REST API endpoint /rest/api/latest/user (sending the parameter "notification":"true").
      2. The user that got invited opens the "Account created" notification and click on the Set my password button

      Expected Results

      The link open correctly and the user is able to set the password

      Actual Results

      The below message is returned:

      REQUEST DENIED. Refer to https://confluence.atlassian.com/display/CLOUDKB/JIRA+and+Confluence+Cloud+os_username+and+os_password+embedded+in+URL+no+longer+available for details.
      

      Workaround

      Depending if your instance is using Atlassian Accounts or not, you can either:

      Attachments

        Issue Links

          Activity

            People

              abusch Antoine Büsch (Inactive)
              dbonotto Dario B
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: