403 Forbidden received when trying to create JIRA issue using AP.Request

Hi all,

I’m trying to create a JIRA issue from confluence using the rest API with an AP.Request() call.

I have no problem attempting to create the issue using curl.

curl --request POST --url ‘https://XXX.atlassian.net/rest/api/3/issue’ --user YYY:ZZZ --header ‘Accept: application/json’ --header ‘Content-Type: application/json’ --data ‘{“fields”: {“summary”: “Issue Z created”, “issuetype”: { “id”: “10001” }, “project”: { “key”: “VP” },“description”: {“type”: “doc”,“version”: 1, “content”: [{ “type”: “paragraph”, “content”: [{“text”: “This is the description.”, “type”: “text”}]}]}}}’

Below is the AP.Request.

var jdataString = ‘{“fields”: {“summary”: “Issue Z created”, “issuetype”: { “id”: “10001” }, “project”: { “key”: “VP” },“description”: {“type”: “doc”,“version”: 1, “content”: [{ “type”: “paragraph”, “content”: [{“text”: “This is the description.”, “type”: “text”}]}]}}}’
AP.request({
url: ‘/rest/api/3/issue’,
type: ‘POST’,
headers : {
accept: ‘application/json’
},
contentType: ‘application/json’,
data: jdataString,
})
.then(function(data) {
alert(data.body);
})
.catch(e => alert(e.err));

The response returned is:

<!doctype html>HTTP Status 403 – ForbiddenH1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}

HTTP Status 403 – Forbidden


Type Status Report

Message Request not in an authorized API scope

Description The server understood the request but refuses to authorize it.


Apache Tomcat/7.0.91

I have looked at many similar issues in the community. I have tried the ‘X-Atlassian-Token’ :‘no-check’ header as well, but this doesn’t appear to help.

Since the above error message states Request not in an authorized API scope, I initially had “READ”, “WRITE”, but have since included all the scopes in my atlassian-connect.json. They are listed below.
“lifecycle”: {

    "installed": "/installed"
},
"scopes": [
    "READ",
    "WRITE",
    "DELETE",
    "ADMIN",
    "ACT_AS_USER"
],
"modules": {
    "generalPages": [

Any suggestions would be appreciated.

A confluence app cant call Jira rest api’s… you’ll need to create a Jira app and then have a way of “connecting” the install of the confluence app and the Jira app. At that point you can have your confluence app call your confluence backend end and have it retrieve the credentials for the Jira app and create the Jira issue.

Another option is to do 3LO from within the confluence app. You’ll have another set off issues - but you could do a lot more on the client side of things.

1 Like

Thanks for your response @danielwester. I’ll look into these options.

One more question though @danielwester, would User impersonation for Connect apps be an option here?

You’ll have the same issue. A Confluence app can only call Confluence rest apis.