As a developer consuming REST API, I would like to get results when I pull data from https://username:password@hostname.atlassian.net/rest/api/2/foo

I have encountered a significant and unadvertised difficulty in accessing the REST API.

I am working on an iOS app, which consumes information programmatically but doesn't handle redirects and cookies--I'm not saying that there's not probably something out there, but the tried and true standby of accessing https://username:password@hostname/rest/api/2/foo . And after pulling out my hair after figuring out why my iOS code wasn't handling JSON appropriately, I tried something.

I entered, in a browser window, https://username:password@hostname/rest/api/2/foo , and two things happened:

1: The correct data was displayed, and:

2: The URL was retconned to https://hostname/rest/api/2/foo

The reason why I only got empty results was that a REST API pull of https://username:password@hostname/rest/api/2/foo does not behave as one would expect from a REST API, especially not one as simple and powerful as JIRA genuinely offers.

I'm pretty much dead in the water for my original approach to getting data. I can circumvent this issue by manually copying data from JIRA to static content on my own server, but that is a workaround to a development blocker, not a solution, even a cumbersome one, to real production usage. You might be able to help me work around this difficulty, but if you're going to advertise a RESTful API, it would be nice if you didn't practically defeat the REST standby of https://username:password@hostname/rest/api/2/foo

I'm open to learning cookies or whatever powers live human browser usage of your REST API, but your failure to support basic authentication over HTTPS had me pulling my hair out trying to figure out what I had done wrong in iOS to not let iOS handle your JSON properly.

I think a REST API with support for basic authentication would be a major improvement.