Loading...

XML

Word

Printable

Type: Suggestion
Resolution: Unresolved
Component/s: Authentication
Labels:

UIS:
9
Support reference count:
19

Issue Summary

if you call the Jira Cloud REST API endpoints with wrong credentials you get status 200 (OK) with empty response.

Steps to Reproduce

curl -u user:WRONGTOKEN -X GET "https://<your site name>.atlassian.net/rest/api/3/issue/createmeta"

Observe 200 in response instead of 401:

{"expand":"projects","projects":[]}

Expected Results

Response with 401 status code

Actual Results

Response with 200 status code

Workaround

If you expand the headers you can see that the authentication failed:

curl -D- -u user:WRONGTOKEN -X GET "https://<your site name>.atlassian.net/rest/api/3/issue/createmeta"

HTTP/2 200 
date: Thu, 16 Nov 2023 11:11:56 GMT
[..removed..]
x-seraph-loginreason: AUTHENTICATED_FAILED
[...removed...]
atl-traceid: 5ca64d54a9a44c7fb3f7498588389e9a
[...]

{"expand":"projects","projects":[]}

is cloned from

JRACLOUD-81851 Misleading error message when authenticating REST API calls with API Key instead of API Token

Closed

supersedes

JRACLOUD-81851 Misleading error message when authenticating REST API calls with API Key instead of API Token

Closed

JRACLOUD-82405 /rest/api/2/user/search REST calls return 200 with no body using wrong API token causing confusions

Closed

Assignee:: Unassigned
Reporter:: Dario B
Votes:: 2 Vote for this issue
Watchers:: 11 Start watching this issue

Created:: 02/Feb/2024 2:10 AM
Updated:: Yesterday 6:34 PM

Details

Description

Issue Summary

Steps to Reproduce

Expected Results

Actual Results

Workaround

Attachments

Issue Links

Activity

People

Dates