Adding OAuth access token in curl header leads to "failed to parse connect session auth token"

Attempting to programmatically access a JIRA Cloud instance, I followed the helpful tutorial up at https://developer.atlassian.com/cloud/jira/platform/jira-rest-api-oauth-authentication/

The very last section suggests the following header:

Pass the OAuth access token in the request header, not request body, when making requests: If you pass the OAuth data in the request body, it will return a “400 Bad Request” error for most methods. You must pass the data in the header instead, e.g. “Authorization: Bearer {access_token}“

Although the java app in the example can successfully reach my JIRA instance, I’m trying to understand / work at a lower level and so just tried to pass that in as a curl header flag:

% curl --verbose https://example.atlassian.net/rest/api/latest/issue/myissue-5 --header ‘Authorization: Bearer {61xcyqi…}’

However that leads to the response: {“error”: “Failed to parse Connect Session Auth Token”}

I’ve double-checked the token that I’m pasting in their from the java example’s config file, and the java app can still successfully reach my server. What else is needed in the HTTP headers to successfully pass the token through?

Partially answering my own question, I enabled debug logging on a the jira-python module successfully talking to my JIRA Cloud server, and it reminded me (alongside another website somewhere) that OAuth v1 (which is only what’s supported with JIRA Cloud at the moment) is much more complicated with the required headers than OAuth v2. So it’s much more sane to use all the modules (say, jira-python) that exist to help create the signatures, etc and other headers required for OAuth v1.

So if anything the tutorial I list at the beginning (https://developer.atlassian.com/cloud/jira/platform/jira-rest-api-oauth-authentication/) is erroneous in suggesting that OAuth v2 can be used with JIRA Cloud.

1 Like