hey @epehrson thanks for your answer.
i read through the links, and i think this is not what we’re seeing here. we’re not an app, we just make requests on behalf of the logged in user – also we don’t have that enabled on our development space:
i’ve also checked the the endpoints that are mentioned in the linked article, to react correctly if the app is being blocked, and those endpoints told me “that i’m not an app”.
/api/3/data-policy:
curl --verbose -H "Authorization: Bearer $BEARER_TOKEN" https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/3/data-policy
< HTTP/2 403
< date: Wed, 28 Feb 2024 20:01:00 GMT
< content-type: application/json;charset=UTF-8
< server: AtlassianEdge
< timing-allow-origin: *
< x-arequestid: 1ed4e083d5686e36b73bfae05d864a77
< set-cookie: atlassian.xsrf.token=dc77acf678924284755a031081bc4fdc4bb81a11_lin; Path=/; SameSite=None; Secure
< x-aaccountid: 557058%3Ab5c2d168-22a2-4fbc-ad59-617cc01675f1
< cache-control: no-store, no-cache
< www-authenticate: OAuth realm="https%3A%2F%2Fusersnaptest.atlassian.net"
< www-authenticate: OAuth realm="https%3A%2F%2Fusersnaptest.atlassian.net"
< x-trace-id: 55ecf7a31ec14a558bd9de5f8edf88cc
< x-frame-options: SameOrigin
< x-content-type-options: nosniff
< x-xss-protection: 1; mode=block
< atl-traceid: 55ecf7a31ec14a558bd9de5f8edf88cc
< report-to: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
< nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
< strict-transport-security: max-age=63072000; preload
< vary: Accept-Encoding
<
{"errorMessages":["Only apps can access this resource."],"errors":{}}
same for the /api/3/data-policy/project:
curl --verbose -H "Authorization: Bearer $BEARER_TOKEN" https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/3/data-policy/project
< HTTP/2 403
< date: Wed, 28 Feb 2024 20:01:16 GMT
< content-type: application/json;charset=UTF-8
< server: AtlassianEdge
< timing-allow-origin: *
< x-arequestid: 0fc70eaf3b63c395bcc58bf7c032f555
< set-cookie: atlassian.xsrf.token=c657cef2ae25c2a782d97fb7e49451222f4666e8_lin; Path=/; SameSite=None; Secure
< x-aaccountid: 557058%3Ab5c2d168-22a2-4fbc-ad59-617cc01675f1
< cache-control: no-store, no-cache
< www-authenticate: OAuth realm="https%3A%2F%2Fusersnaptest.atlassian.net"
< www-authenticate: OAuth realm="https%3A%2F%2Fusersnaptest.atlassian.net"
< x-trace-id: cbf3d38ebbe04c9aa7a8ba197e0a52eb
< x-frame-options: SameOrigin
< x-content-type-options: nosniff
< x-xss-protection: 1; mode=block
< atl-traceid: cbf3d38ebbe04c9aa7a8ba197e0a52eb
< report-to: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
< nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
< strict-transport-security: max-age=63072000; preload
< vary: Accept-Encoding
<
{"errorMessages":["Only apps can access this resource."],"errors":{}}%
i’ve also noticed the same thing as was raised in this issue: Create Issue Meta Endpoint not returning fields - #3 by KunalChadha - we don’t get the entire set of fields returned on the createmeta. i could imagine that this is also connected to the strange behaviour we see with the issue create (summary must be present, but also can’t be present, see above).
with basic auth (new style):
curl --verbose -u jiratest@usersnap.com:$PERSONAL_TOKEN https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/issue/createmeta/10735/issuetypes/10436
< HTTP/2 200
< date: Wed, 28 Feb 2024 20:17:57 GMT
< content-type: application/json;charset=UTF-8
< server: AtlassianEdge
< timing-allow-origin: *
< x-arequestid: b19c3b4e5fb2debbfe186d46653df2c9
< set-cookie: atlassian.xsrf.token=2cf0ff958e6ac2443ddeaf14606f28b10567506c_lin; Path=/; SameSite=None; Secure
< x-aaccountid: 557058%3Ab5c2d168-22a2-4fbc-ad59-617cc01675f1
< cache-control: no-cache, no-store, no-transform
< vary: Accept-Encoding
< x-trace-id: 1900c8f4717845ffa8f147054b28e2da
< x-frame-options: SameOrigin
< x-content-type-options: nosniff
< x-xss-protection: 1; mode=block
< atl-traceid: 1900c8f4717845ffa8f147054b28e2da
< report-to: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
< nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
< strict-transport-security: max-age=63072000; preload
<
{"startAt":0,"maxResults":50,"total":15,"fields":[{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/user/assignable/search?project=TKAG&query=","hasDefaultValue":false,"operations":["set"],"fieldId":"assignee"}, ...
with basic auth, in the old style, it also works:
curl --verbose -u jiratest@usersnap.com:$PERSONAL_TOKEN 'https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/issue/createmeta?projectIds=10735&expand=projects.issuetypes.fields&issuetypeIds=10436'
< HTTP/2 200
< date: Wed, 28 Feb 2024 20:18:13 GMT
< content-type: application/json;charset=UTF-8
< server: AtlassianEdge
< timing-allow-origin: *
< x-arequestid: ce0d03bcd9c0af866cbeb6f6f2b800f2
< set-cookie: atlassian.xsrf.token=9b182e0b9f3640cd2a298ec91c20d96b759377a6_lin; Path=/; SameSite=None; Secure
< x-aaccountid: 557058%3Ab5c2d168-22a2-4fbc-ad59-617cc01675f1
< cache-control: no-cache, no-store, no-transform
< vary: Accept-Encoding
< x-trace-id: 1f4e8531004e4ccd99f96efdd9f3924e
< x-frame-options: SameOrigin
< x-content-type-options: nosniff
< x-xss-protection: 1; mode=block
< atl-traceid: 1f4e8531004e4ccd99f96efdd9f3924e
< report-to: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
< nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
< strict-transport-security: max-age=63072000; preload
<
{"expand":"projects","projects":[{"expand":"issuetypes","self":"https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/project/10735","id":"10735","key":"TKAG","name":"tkag test","avatarUrls":{"48x48":"https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649","24x24":"https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649?size=small","16x16":"https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649?size=xsmall","32x32":"https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649?size=medium"},"issuetypes":[{"self":"https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/issuetype/10436","id":"10436","description":"Tasks track small, distinct pieces of work.","iconUrl":"https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318? ....
while the return from old vs. new createmeta is a bit different (not-wrapped in projects, pagination), the returned fields are the same, summary, description, etc. - customfields are also included (i have a complete copy the response, i just don’t to make this post to long and unreadable, but can send it, if it helps).
but if run the createmeta not with basic-auth, but with my oauth token, i either don’t get anything in return:
createmeta - new style, with oauth token:
curl --verbose -H "Authorization: Bearer $BEARER_TOKEN" https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/issue/createmeta/10735/issuetypes/10436
< HTTP/2 404
< date: Wed, 28 Feb 2024 19:56:41 GMT
< content-type: application/json;charset=UTF-8
< server: AtlassianEdge
< timing-allow-origin: *
< x-arequestid: 40ab3de44024e2f7883e2ef7d4e6068c
< set-cookie: atlassian.xsrf.token=a718e26619c5fb86b52ed720f677de4c927b1b47_lin; Path=/; SameSite=None; Secure
< x-aaccountid: 557058%3Ab5c2d168-22a2-4fbc-ad59-617cc01675f1
< cache-control: no-cache, no-store, no-transform
< x-trace-id: f7333e617f9b4989a878348c9e920c13
< x-frame-options: SameOrigin
< x-content-type-options: nosniff
< x-xss-protection: 1; mode=block
< atl-traceid: f7333e617f9b4989a878348c9e920c13
< report-to: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
< nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
< strict-transport-security: max-age=63072000; preload
<
* Connection #0 to host api.atlassian.com left intact
{"errorMessages":["You cannot create issues in this project."],"errors":{}}
or, i don’t get all of the fields: createmeta - new style, with oauth token:
curl --verbose -H "Authorization: Bearer $BEARER_TOKEN" 'https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/issue/createmeta?projectIds=10735&expand=projects.issuetypes.fields&issuetypeIds=10436'
< HTTP/2 200
< date: Wed, 28 Feb 2024 19:56:51 GMT
< content-type: application/json;charset=UTF-8
< server: AtlassianEdge
< timing-allow-origin: *
< x-arequestid: 66d405f7ba83d75c6f517737f27fa7a8
< set-cookie: atlassian.xsrf.token=3cda1d34d29bd47a98af3b93d2261826f3ba7db7_lin; Path=/; SameSite=None; Secure
< x-aaccountid: 557058%3Ab5c2d168-22a2-4fbc-ad59-617cc01675f1
< cache-control: no-cache, no-store, no-transform
< vary: Accept-Encoding
< x-trace-id: 15e2789a23fd4ccbab1dbafc519561bd
< x-frame-options: SameOrigin
< x-content-type-options: nosniff
< x-xss-protection: 1; mode=block
< atl-traceid: 15e2789a23fd4ccbab1dbafc519561bd
< report-to: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
< nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
< strict-transport-security: max-age=63072000; preload
{
"expand": "projects",
"projects":
[
{
"expand": "issuetypes",
"self": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/project/10735",
"id": "10735",
"key": "TKAG",
"name": "tkag test",
"avatarUrls":
{
"48x48": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649",
"24x24": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649?size=small",
"16x16": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649?size=xsmall",
"32x32": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649?size=medium"
},
"issuetypes":
[
{
"self": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/issuetype/10436",
"id": "10436",
"description": "Tasks track small, distinct pieces of work.",
"iconUrl": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium",
"name": "Task",
"untranslatedName": "Task",
"subtask": false,
"scope":
{
"type": "PROJECT",
"project":
{
"id": "10735"
}
},
"expand": "fields",
"fields":
{
"issuetype":
{
"required": true,
"schema":
{
"type": "issuetype",
"system": "issuetype"
},
"name": "Issue Type",
"key": "issuetype",
"hasDefaultValue": false,
"operations":
[],
"allowedValues":
[
{
"self": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/issuetype/10436",
"id": "10436",
"description": "Tasks track small, distinct pieces of work.",
"iconUrl": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium",
"name": "Task",
"subtask": false,
"avatarId": 10318,
"entityId": "fc28ab63-00d6-44fb-b805-49704dfbc8d7",
"hierarchyLevel": 0
}
]
},
"parent":
{
"required": false,
"schema":
{
"type": "issuelink",
"system": "parent"
},
"name": "Parent",
"key": "parent",
"hasDefaultValue": false,
"operations":
[
"set"
]
},
"project":
{
"required": true,
"schema":
{
"type": "project",
"system": "project"
},
"name": "Project",
"key": "project",
"hasDefaultValue": false,
"operations":
[
"set"
],
"allowedValues":
[
{
"self": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/project/10735",
"id": "10735",
"key": "TKAG",
"name": "tkag test",
"projectTypeKey": "software",
"simplified": true,
"avatarUrls":
{
"48x48": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649",
"24x24": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649?size=small",
"16x16": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649?size=xsmall",
"32x32": "https://api.atlassian.com/ex/jira/ea712a28-1636-4f3c-b8d3-d7a15f487591/rest/api/2/universal_avatar/view/type/project/avatar/10649?size=medium"
}
}
]
}
}
}
]
}
]
}
as you can see many of the fields are missing: summary, description, component, etc.
we’re getting desperate here – our jira integration just stopped working for some customers and all debugging calls just return something different than a few days ago. our customers are obviously complaining and since they can’t forward their issues from Usersnap to Jira, they’re missing out on the value they’re used to – both from Usersnap and Jira.
every help is appreciated!