Adding "read🏷jira" scope (which is required to get Labels) is causing errors in other APIs

Hello,

I have added the scope “read:label:jira” which is required to access “GET /rest/api/3/label”. After I added the above scope my below 2 APIs are giving 400 errors:

POST /rest/api/3/search
POST /rest/api/3/webhook

Can anyone guide me to the right direction?
Thanks

Hi @niraj1,
thanks for posting on the community.
Can you share with us the error message and the list of scopes you added to your app?

Hey @BeataSzturemska,

Here are the list of scopes I have added for the app:

read:label:jira
read:me
read:account
write:webhook:jira
write:user.property:jira
write:user-configuration:jira
write:project.property:jira
write:project.feature:jira
write:project.avatar:jira
write:project:jira
write:project-version:jira
write:project-role:jira
write:project-category:jira
write:issue.watcher:jira
write:issue.property:jira
write:issue:jira
write:issue-worklog.property:jira
write:issue-worklog:jira
write:issue-type.property:jira
write:issue-type:jira
write:issue-link:jira
write:issue-link-type:jira
write:field:jira
write:field-configuration:jira
write:comment.property:jira
write:comment:jira
write:avatar:jira
write:attachment:jira
validate:jql:jira
read:webhook:jira
read:user.property:jira
read:user:jira
read:user-configuration:jira
read:status:jira
read:project.property:jira
read:project.feature:jira
read:project.component:jira
read:project.avatar:jira
read:project:jira
read:project-version:jira
read:project-type:jira
read:project-category:jira
read:jql:jira
read:issue.vote:jira
read:issue.property:jira
read:issue.changelog:jira
read:issue:jira
read:issue-worklog.property:jira
read:issue-worklog:jira
read:issue-type.property:jira
read:issue-type:jira
read:issue-type-hierarchy:jira
read:issue-status:jira
read:issue-security-level:jira
read:issue-meta:jira
read:issue-link:jira
read:issue-link-type:jira
read:issue-details:jira
read:group:jira
read:field.option:jira
read:field.default-value:jira
read:field:jira
read:field-configuration:jira
read:comment.property:jira
read:avatar:jira
read:application-role:jira
delete:webhook:jira
delete:user.property:jira
delete:user-configuration:jira
delete:project.property:jira
delete:project.component:jira
delete:project.avatar:jira
delete:project:jira
delete:issue.property:jira
delete:issue:jira
delete:issue-worklog.property:jira
delete:issue-worklog:jira
delete:issue-type.property:jira
delete:issue-type:jira

What’s about the error message? Can you share it as well?

Error response data is pretty generic with status code 400.

data: '<!doctype html><html lang="en"><head><title>HTTP Status 400 – Bad Request</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 – Bad Request</h1><hr class="line" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Request header is too large</p><p><b>Description</b> The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).</p><p><b>Exception</b></p><pre>java.lang.IllegalArgumentException: Request header is too large\n' +
      '\torg.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.java:790)\n' +
      '\torg.apache.coyote.http11.Http11InputBuffer.parseHeader(Http11InputBuffer.java:971)\n' +
      '\torg.apache.coyote.http11.Http11InputBuffer.parseHeaders(Http11InputBuffer.java:604)\n' +
      '\torg.apache.coyote.http11.Http11Processor.service(Http11Processor.java:292)\n' +
      '\torg.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)\n' +
      '\torg.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:895)\n' +
      '\torg.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1732)\n' +
      '\torg.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)\n' +
      '\torg.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)\n' +
      '\torg.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)\n' +
      '\torg.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\n' +
      '\tjava.lang.Thread.run(Unknown Source)\n' +
      '</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class="line" /><h3>Apache Tomcat/9.0.56</h3></body></html>'
  },
config: {
      url: 'https://api.atlassian.com/ex/jira/cloud-id/rest/api/3/webhook',
      method: 'post',
      data: '{"webhooks":[{"jqlFilter":"project = 10002","events":["jira:issue_updated","jira:issue_deleted"]}],"url":webhook_url}',
      headers: [Object],
      transformRequest: [Array],
      transformResponse: [Array],
      timeout: 0,
      adapter: [Function: httpAdapter],
      xsrfCookieName: 'XSRF-TOKEN',
      xsrfHeaderName: 'X-XSRF-TOKEN',
      maxContentLength: -1,
      maxBodyLength: -1,
      validateStatus: [Function: validateStatus]
    },

Thanks, it helped me a lot in my investigation.
It looks that it’s not a problem with ​read:label:jira scope, but with the number of scopes that you are using.

I have passed the results of my investigation to a team responsible for granular scopes, but do not expect any response today as it’s evening there.

Sorry for the inconveniences.

Hi @niraj1,

We raised a bug report today on this.
Here is the link: [FRGE-643] - Ecosystem Jira

There are some workarounds available there for you, please let us know if they are not an option right now.

In particular, we would like to know if reducing the number of scopes is not possible and all the ones in list provided are required for the app to function.

Thanks,
Caterina

1 Like

Hey @ccurti

It was the problem with the number of scopes I have used. I didn’t need all the scopes BUT I added them anyway just to reduce my future scope of work. Once I only used the scopes which I need for now, it started working properly. Until today, I have realized that one particular API is not working(except everything else is working fine).

Here is the link to the problem which my colleague has raised on the community forum.

Below scopes

read:issue.transition:jira
read:status:jira
read:field-configuration:jira

are added in the OAuth2 application BUT the error upon calling the transition API shows read:issue.transition:jira scope needs to be added. All the scopes are part of the auth URL as well.

I have tried removing all the scopes and added them again just to sync everything if it wasn’t before BUT no luck.

This is something where our entire integration is stuck due to this issue and we are at the final stage of it. Can any one please look into this and guide us in a direction where we can resolve this really quick.

@niraj1 thanks for letting us know that, after reducing the scopes, the scopes are now working properly.

Regarding the read:issue.transition:jira, I can reproduce the same behaviour.

We are having a look and we’ll keep you posted.

Thanks,
Caterina

1 Like

Hey @ccurti ,

That’s at least a relief to know the issue is from Jira’s side. Thanks for confirming it.

Regardless of this, We are stuck at our Jira integration - v2 from past 1 week due to this issue. I would appreciate if this gets resolved quickly.

Thanks

3 Likes

@ccurti Any update on this?

1 Like

Interested as well. We have a large list of scopes needed for our app.

@ccurti @BeataSzturemska Any update on this?

2 Likes

@ccurti @BeataSzturemska It’s been a blocker for us. We would be grateful if you let us know if there are any updates.

2 Likes

As of a few hours ago, it had been rolled out to some staging environments and should be on its way to production. We’ll let you know as soon as we hear that it is in production.

3 Likes

@Nadiraogi for large list of scopes, the best place to follow up on progress is [FRGE-643] - Ecosystem Jira. This one is still open.

The comment below by my colleague Bentley refers to the availability of the read:issue.transition:jira scope.

Caterina

3 Likes

Thanks for the update :clap:

Thanks for the update @bentley. I haven’t tried out yet BUT will surely do.

Hello everyone, the fix is now in production and the issue around read:issue.transition:jira should be gone.

4 Likes

@OctavianGenes Thanks for the update. Now it’s working.

1 Like