-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
1
-
Issue Summary
Starting Jira 9.12, POST method for /rest/auth/1/session doesn't work by default as there are some login form related changes.
The user would need to fallback to legacy form using flag
-Datlassian.authentication.legacy.mode=true
to make it work.
It was reported as bug: https://jira.atlassian.com/browse/JRASERVER-78353 but closed as Answered.
However we would need to correct the error message which is incorrect and is misleading. The error message is:
curl -X POST https://<base_url>/rest/auth/1/session -H 'content-type: application/json' -d '\{ "username": "<username>", "password": "<password>" }'{"message":"The request was rejected due to two-step verification being enabled on your instance."}
This comes even when no 2FA is enabled on the Jira instance.
Steps to Reproduce
- Refer: JRASERVER-78353
Expected Results
Error should be meaningful and should ideally suggest the flag in the error. This way user can decide further.
Once this is taken care, we need to update our REST API document present here.
Actual Results
Incorrect error is thrown even if no 2Factor authentication is present
The request was rejected due to two-step verification being enabled on your instance.
Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available
- relates to
-
JRASERVER-78353 POST method for /rest/auth/1/session doesn't work preventing using it for cookie-based authentication
-
- Closed
-