I am very new to jira plugin development and I am trying build a plugin using jwt token. I am able to generate the jwt token successful and the signature is also verified (I checked it from https://jwt.io/ ) however, when I make a call with the jwt token I got a 401 response.
To test it out I try to access the following url from my bowser:
and it shows the 401 response.
Can anyone tell me what is wrong i am trying here.
Sorry for the very novice question. But I will really appreciate if you show me some light to more forward.
Hi @monjur - there’s plenty of things that could be contributing to this problem… so, perhaps start from the start. How did you generate the JWT? (following the Java example? using the
atlassian-jwt library from NPM?)
And by the way, not a novice question. All this auth still makes me feel like a n00b.
Thanks @nmansilla for your reply. I actually figured it out. The application-properties cannot be accessed by app, and that was the problem. However, I am using firebase/jwt php to generate the token and it was generating successfully. later I tried to extract an issue and I was successful for that.
Thanks for responding.
Doh, should have looked at what method you were calling. Well, good on ya for coming up with the answer to your own question.
I am trying something similar … Also my first time working on Connect Apps. Here is a sample code I am using. I am running this locally and on my Test server … and both returns a 401.
$key = 'test-key-used-in-app-desc';
$iat = (int) time();
$exp = $iat + 3600;
$sec = 'URiDszs6dEQZeTrBRc5H1FwIbdoVnvYmVlgsSIAqduji5NUndVFwvtin0XawuJWa6wLcOoBbUvbinkJCqMTChe';
$method = 'GET';
$baseUrl = 'https://xxx.atlassian.net';
$path = '/rest/api/3/search';
$qs = str_replace('?', '&', '?maxResults=100');
$qshStr = $method.'&'.$path.'&'.substr($qs, 1);
$qsh = hash('sha256', $qshStr);
$claims = array
"iss" => $key,
"exp" => $exp,
"iat" => $iat,
"qsh" => $qsh
$jwtToken = JWT::encode($claims, $sec);
$apiUrl = $baseUrl.$path.'?jwt='.$jwtToken;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $apiUrl);
curl_setopt($ch, CURLOPT_HTTPGET, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$curl_response = curl_exec($ch);
echo '<pre>';print_r(json_decode($curl_response, true));echo'</pre>';
Please advise where I am going wrong?