This is confusing and often we can see in support tickets or in community threads that customers believe they have to use the API Token (that is supposed to be used for Basic Authentication only) as the <api_token>.
It should be made clear that the header "Authentication: Bearer <api_token>" is intended to be used for Oauth only.
- Go to https://developer.atlassian.com/cloud/jira/platform/rest/v3
- Search for an example related to any endpoint you may want to use, e.g. GET issue
The example should either not include authorization headers like the below one or show how to autenticate the requests in curl:
The example is setting the header for Bearer Authentication followed by the <access_token> that many customers are confusing with the API Token
Use the below format to authenticate REST API calls with Curl depending on the kind of authentication:
- Basic Authentication
Where XXXXXXXX is the string <EMAIL_ADDRESS>:<API_TOKEN> encoded in base64. For more details please review: https://developer.atlassian.com/cloud/jira/platform/jira-rest-api-basic-authentication/
Where XXXXXXXX is the access token obtained as explained in: https://developer.atlassian.com/cloud/jira/platform/jira-rest-api-oauth-authentication/