Alternate API to use for login into Capture Server

Hello Team,
We are using Capture for Jira Server.
Below is the call and function how we are using.


http://localhost:7014/rest/auth/latest/session?os_authType=none

function getCurrentUserAuth(server, callBack) {
    var URI = server.url + '/rest/auth/latest/session?os_authType=none',
        options = {
            statusCode: {
                // 0: function() {
                //   /* No-op to ensure correct error message in handleAjaxError */ },
                401: function (xhr) {
                    capture.setLoggedIn(false);
                    xhr.errorHandled = true;
                    showSettingsFormHideCancel();
                    eve('settings.warning.message.show', null, T('start.login'));
                    eve('settings.error.hide.annotations', null, true);
                    eve('form.buttons.disable', null, true);
                },
                404: function (xhr) {
                    xhr.msgkey = 'error.notfound.jira';
                }
            },
            error: function (xhr) {
                if (!(xhr.status in options.statusCode)) {
                    xhr.msgkey = 'error.auth.failed.get';
                }
                clearLoginCallbacks();
            },
            elem: '#com\\.atlassian\\.bonfire\\.jiras'
        };

    restGetRequestToJiraServer(URI, callBack, options);
}

The above is happening from 10.0.2 onwards. For 10.0.1, it’s working fine. Here is the link related to this.
https://confluence.atlassian.com/enterprise/manage-two-step-verification-for-your-atlassian-account-1384125346.html

We need support in 2 things.

  1. As soon as we setup 2 FA, and login, immediately it throws error, but as soon as we refresh it starts working. Don’t know why this is happening.
    The below is the image when we try to login for first time, it throws 403 forbidden, but on refresh it starts working. What to do such that as soon as we login, it starts working, so that we don’t have to refresh.

  2. Can anyone help me with alternate API, because there can be many customers who doesn’t want to setup 2FA. So for them which API can help us.

Hi @RaghunandanTata,
it looks like you’re experiencing issues with the getCurrentUserAuth function in Jira 10.0.2 that weren’t present in 10.0.1. This might be due to changes or updates in how sessions or authentication are handled in the newer version.

You could try to refresh the request after xsec if you get an 403 error:

setTimeout(function() {
restGetRequestToJiraServer(URI, callBack, options);
}, 2000);

function getCurrentUserAuth(server, callBack) {
    var URI = server.url + '/rest/auth/latest/session?os_authType=none',
        options = {
            statusCode: {
                401: function (xhr) {
                    capture.setLoggedIn(false);
                    xhr.errorHandled = true;
                    showSettingsFormHideCancel();
                    eve('settings.warning.message.show', null, T('start.login'));
                    eve('settings.error.hide.annotations', null, true);
                    eve('form.buttons.disable', null, true);
                },
                403: function (xhr) {
                    // Retry logic for 403 error
                    setTimeout(function() {
                        restGetRequestToJiraServer(URI, callBack, options);
                    }, 2000);
                },
                404: function (xhr) {
                    xhr.msgkey = 'error.notfound.jira';
                }
            },
            error: function (xhr) {
                if (!(xhr.status in options.statusCode)) {
                    xhr.msgkey = 'error.auth.failed.get';
                }
                clearLoginCallbacks();
            },
            elem: '#com\\.atlassian\\.bonfire\\.jiras'
        };

    restGetRequestToJiraServer(URI, callBack, options);
}

Maybe it helps :slight_smile:

Cheers,
Daniel