403 error on RestAPI call to /rest/api/2/screens though ADMIN scope set

m.schmidt · July 26, 2018, 8:58am

Using the node.js atlassian connect express module (2.1.4) I do:

        httpClient.get({
                url: `/rest/api/2/screens`,
                contentType: 'application/json',
                json: true
            }, (error, res, body) => {
                this.handleErrors(error, body, resolve) || resolve(body);
            });

which is working fine with other functions of my addon that need admin rights, but this one returns a 403 page. Why could that be? Can’t the plugin user access the screens?

It works with

          url: `/rest/api/2/screens/{screenId}/tabs`,

that needs ADMIN scope set.

Further investigation: In Postman, if I call ‘/rest/api/2/screens’ with a bearer token of an admin user, then it returns

{
    "errorMessages": [],
    "errors": {}
}

the same as without authentication. Basic auth works fine. With ‘/rest/api/2/screens/{screenId}/tabs’ both auth methods work fine.

iragudo · July 27, 2018, 2:06am

Hi @m.schmidt,

Unfortunately, Get all screens REST API is not available for apps as mentioned in the documentation. Using basic auth, however, you can access this resource.

If this is blocking your use case, kindly create a new feature request in Jira Service Management and we’ll progress from there.

Cheers,
Ian

m.schmidt · July 27, 2018, 7:00am

Thanks, Ian. I overlooked that.

mkruszynski · August 28, 2018, 6:49am

Hello @m.schmidt,
Get all screens REST API should be available for apps now.
Thank you for your engagement.

Regards,
Marcin