Basic authentication with passwords is deprecated

SamMcMurray · October 23, 2020, 5:53pm

I am trying to complete the Hello World app in the tutorial. I was successful the first time, then my API token expired. I created a new token and have been getting the following error message whenever I run npm start:

Failed to register with host domain/wiki (401)

Basic authentication with passwords is deprecated. For more information, see: https://confluence.atlassian.com/cloud/deprecation-of-basic-authentication-with-passwords-for-jira-and-confluence-apis-972355348.html

Add-on not registered; no compatible hosts detected

I’ve reinstalled the add-on a few times, I’m still getting the same error. For reference, my credentials files is set as shown below:
{
“hosts” : {
“https://apiture-techwriter.atlassian.net/”: {
“product” : “confluence”,
“username” : “sam.mcmurray@apiture.com”,
“password” : “new_api_token”
}
}
}

Does anyone know what is happening? I’m completely stumped.

rwhitbeck · October 23, 2020, 7:18pm

At what part in the terminal are you getting this error? When the app is installing or when you try to access the app in a page somewhere?

SamMcMurray · October 23, 2020, 7:35pm

The error occurs during install. It gets as far establishing the tunnel and then fails.

rwhitbeck · October 23, 2020, 7:36pm

Can you paste the terminal output here? Just look it over for sensitive info first.

SamMcMurray · October 23, 2020, 7:47pm

sam:confluence-helloworld-addon sam.mcmurray$ npm start

helloworld-app@0.0.1 start /Users/sam.mcmurray/UserApps and Macros/Test Apps/confluence-helloworld-addon
node app.js

Watching atlassian-connect.json for changes
Add-on server running at http://sam.mcmurray:3000
Executing (default): CREATE TABLE IF NOT EXISTS AddonSettings (id INTEGER PRIMARY KEY AUTOINCREMENT, clientKey VARCHAR(255), key VARCHAR(255), val JSON); {
plain: false,
raw: true,
logging: [Function],
timestamps: false,
validate: {},
freezeTableName: false,
underscored: false,
paranoid: false,
rejectOnEmpty: false,
whereCollection: null,
schema: null,
schemaDelimiter: ‘’,
defaultScope: {},
scopes: {},
indexes: [
{
fields: [Array],
type: ‘’,
parser: null,
name: ‘addon_settings_client_key_key’
}
],
name: { plural: ‘AddonSettings’, singular: ‘AddonSetting’ },
omitNull: false,
sequelize: Sequelize {
options: {
dialect: ‘sqlite’,
dialectModule: null,
dialectModulePath: null,
protocol: ‘tcp’,
define: {},
query: {},
sync: {},
timezone: ‘+00:00’,
clientMinMessages: ‘warning’,
standardConformingStrings: true,
logging: [Function],
omitNull: false,
native: false,
replication: false,
ssl: undefined,
pool: {},
quoteIdentifiers: true,
hooks: {},
retry: [Object],
transactionType: ‘DEFERRED’,
isolationLevel: null,
databaseVersion: 0,
typeValidation: false,
benchmark: false,
minifyAliases: false,
logQueryParameters: false,
adapter: ‘sequelize’,
storage: ‘:memory:’
},
config: {
database: undefined,
username: undefined,
password: null,
host: ‘localhost’,
port: undefined,
pool: {},
protocol: ‘tcp’,
native: false,
ssl: undefined,
replication: false,
dialectModule: null,
dialectModulePath: null,
keepDefaultTimezone: undefined,
dialectOptions: undefined
},
dialect: SqliteDialect {
sequelize: [Circular],
connectionManager: [ConnectionManager],
QueryGenerator: [SQLiteQueryGenerator]
},
queryInterface: QueryInterface {
sequelize: [Circular],
QueryGenerator: [SQLiteQueryGenerator]
},
models: { AddonSetting: AddonSetting },
modelManager: ModelManager { models: [Array], sequelize: [Circular] },
connectionManager: ConnectionManager {
sequelize: [Circular],
config: [Object],
dialect: [SqliteDialect],
versionPromise: null,
dialectName: ‘sqlite’,
pool: [Pool],
connections: [Object],
lib: [Object]
},
importCache: {}
},
hooks: true,
uniqueKeys: {},
type: ‘RAW’,
uuid: ‘default’,
inMemory: 1,
readWriteMode: undefined
}
Executing (default): PRAGMA INDEX_LIST(AddonSettings) {
plain: false,
raw: true,
logging: [Function],
timestamps: false,
validate: {},
freezeTableName: false,
underscored: false,
paranoid: false,
rejectOnEmpty: false,
whereCollection: null,
schema: null,
schemaDelimiter: ‘’,
defaultScope: {},
scopes: {},
indexes: [
{
fields: [Array],
type: ‘’,
parser: null,
name: ‘addon_settings_client_key_key’
}
],
name: { plural: ‘AddonSettings’, singular: ‘AddonSetting’ },
omitNull: false,
sequelize: Sequelize {
options: {
dialect: ‘sqlite’,
dialectModule: null,
dialectModulePath: null,
protocol: ‘tcp’,
define: {},
query: {},
sync: {},
timezone: ‘+00:00’,
clientMinMessages: ‘warning’,
standardConformingStrings: true,
logging: [Function],
omitNull: false,
native: false,
replication: false,
ssl: undefined,
pool: {},
quoteIdentifiers: true,
hooks: {},
retry: [Object],
transactionType: ‘DEFERRED’,
isolationLevel: null,
databaseVersion: 0,
typeValidation: false,
benchmark: false,
minifyAliases: false,
logQueryParameters: false,
adapter: ‘sequelize’,
storage: ‘:memory:’
},
config: {
database: undefined,
username: undefined,
password: null,
host: ‘localhost’,
port: undefined,
pool: {},
protocol: ‘tcp’,
native: false,
ssl: undefined,
replication: false,
dialectModule: null,
dialectModulePath: null,
keepDefaultTimezone: undefined,
dialectOptions: undefined
},
dialect: SqliteDialect {
sequelize: [Circular],
connectionManager: [ConnectionManager],
QueryGenerator: [SQLiteQueryGenerator]
},
queryInterface: QueryInterface {
sequelize: [Circular],
QueryGenerator: [SQLiteQueryGenerator]
},
models: { AddonSetting: AddonSetting },
modelManager: ModelManager { models: [Array], sequelize: [Circular] },
connectionManager: ConnectionManager {
sequelize: [Circular],
config: [Object],
dialect: [SqliteDialect],
versionPromise: null,
dialectName: ‘sqlite’,
pool: [Pool],
connections: [Object],
lib: [Object]
},
importCache: {}
},
hooks: true,
type: ‘SHOWINDEXES’,
uuid: ‘default’,
inMemory: 1,
readWriteMode: undefined
}
Executing (default): CREATE INDEX addon_settings_client_key_key ON AddonSettings (clientKey, key) {
plain: false,
raw: true,
logging: [Function],
benchmark: undefined,
transaction: undefined,
schema: null,
fields: [ ‘clientKey’, ‘key’ ],
parser: null,
name: ‘addon_settings_client_key_key’,
prefix: ‘AddonSettings’,
supportsSearchPath: false,
type: ‘RAW’,
uuid: ‘default’,
inMemory: 1,
readWriteMode: undefined
}
Local tunnel established at https://62d3bb1d80b3.ngrok.io/
Check http://127.0.0.1:4040 for tunnel status
Registering add-on…
Failed to register with host https://apiture-techwriter.atlassian.net/wiki/(401)
Basic authentication with passwords is deprecated. For more information, see: https://confluence.atlassian.com/cloud/deprecation-of-basic-authentication-with-passwords-for-jira-and-confluence-apis-972355348.html

Add-on not registered; no compatible hosts detected

rwhitbeck · October 30, 2020, 5:32pm

Just following up on this. I’m also able to replicate the 401 status code when Atlassian Connect Express tries to auto register with credentials.json.

I’m digging in internally.

souha · October 30, 2020, 6:45pm

@rwhitbeck, i am just testing now and don’t have any issue to register my addon

rwhitbeck · October 30, 2020, 6:46pm

Yeah I’m am also the only one internally that is having this issue. So I don’t think it’s broken generally but something locally.

rwhitbeck · October 30, 2020, 7:28pm

OK I figured out my issue…turned out to be a PEBKAC on me entering in my credentials (I feel shame).

@SamMcMurray I was orginially thinking that you copy/pasted the API token incorrectly. Can you try creating a new token and using that?

SamMcMurray · October 30, 2020, 7:58pm

Created a new token (TestKey) and copied into credentials.json. I’m still getting the same error. For reference, I copied the API key using the Copy button from the Admin page display the Organization ID and API Key.

marc · October 30, 2020, 8:43pm

@SamMcMurray One thing you can try is to do a API call with these credentials using e.g. curl to fetch a page. If that fails also, something is wrong with the credentials. Might have to do with SSO (if your organization is using this).

SamMcMurray · October 30, 2020, 10:45pm

Hey marc,

I got the same error using curl and encoded string. The site doesn’t use SSO currently (it’s literally a sandbox for me to build and test app functionality; there are no other users or admins).

marc · November 2, 2020, 10:04am

@SamMcMurray My recommendation: get another api key, make sure you use the same email as you use for login, and make sure this works with a curl call.
It seems something with your credentials is wrong.

SamMcMurray · November 2, 2020, 2:18pm

Hi marc,

At the risk of putting my foot in my mouth, I’m certain the email is correct. But I went ahead and checked it again: it’s the same login I used when it worked the first time (sam.mcmurray@apiture.com). I created another API key, updated the credentials.json file, and tried to run npm start from the terminal. Same error. Just out of curiosity, I used the encoded string instead of the API key and got the same error. I even created a new user with a different email/API token, same error.

My curl call is still returning the error too. The only thing different from the first successful attempt is that API key/encoded string. At this point, I don’t think creating new API keys is the solution, but I really don’t know.

Does it make any difference that I’m using the free version of Confluence?

marc · November 3, 2020, 11:21am

@SamMcMurray Strange. Can you post the curl call with your key redacted as XXXXXXXX?

SamMcMurray · November 5, 2020, 2:41pm

curl --request GET “https://apiture-techwriter.atlassian.net/wiki/rest/apit/search?limit=1&cql=id%20!=%200%20order%20by%20lastmodified%20desc”
–header ‘Accept: application/json’
–header ‘Authorization: Basic XXXXXXXXXXXXX’
This gave me the same 401 error.

I’ve also tried: curl -D- -X GET -H “Authorization: XXXXXX” -H “Content Type: application/json” “https://apiture-techwriter.atlassian.net/wiki/rest/api/space”
This produced a 403 error:
“message”:“Current user not permitted to use Confluence”,“statusCode”:403

I tried encoding a couple more keys, copy/pasted and manually entered the encoded string, getting the same errors depending on the curl method.

marc · November 5, 2020, 2:59pm

Besides the typo in the first call “…/rest/apit/…”,I don’t know the cause.

SamMcMurray · November 5, 2020, 3:36pm

Good catch @marc . Unfortunately, it still threw the same error. @rwhitbeck, do you have any other suggestions? Since the site isn’t being used for anything other than development/testing, I was wondering if creating a new one would solve the issue (for about a year until my API key expires again, anyway). Thoughts?

WilbertoECasillas · June 18, 2021, 4:29pm

Was this ever solved?? I am trying to use an api key with my username, I have admin permissions and yet I still get. All I did was try to use the basic auth as described here:
https://developer.atlassian.com/cloud/confluence/basic-auth-for-rest-apis/

had a colleague also try to Curl with his own key and it returned the same error.

“message”: “Current user not permitted to use Confluence”,