CLEAN BUILD and RESTART = The app host returned HTTP response code 401 when we tried to contact it during installation. Please try again later or contact the app vendor

Hi! I cleaned build, restarted ngrok, app, incognito browser, reverted all changes to state like after skeleton build. But it is still 401.

This happens each time after skeleton build and some modifications, but total revert, clean and restarts gives no effect.

  "key": "${addon.key}",
  "baseUrl": "",
  "name": "x",
  "authentication": {
    "type": "jwt"
  "lifecycle": {
    "installed": "/installed",
    "uninstalled": "/uninstalled"
  "scopes": ["READ"],
  "apiMigrations": {
    "gdpr": true

JWT signature verification failed during reinstalation.
Or should I not reinstall after changes in atlassian-connect.json?

This is your own app that is failing, right? Seems like the /installed end-point is failing because the request can’t be authenticated/authorized. Since you’re using ngrok, try inspecting the incoming traffic. Do you have the ability to step-debug the code that gets invoked by a request at the /installed end-point?

1 Like

Hi David, Arthur,

I am experiencing the same problem. In my app log, I see the following:

Authentication verification error: 401 Could not find authentication data on request
2019-02-15T22:16:04.421143+00:00 app[web.1]: ::ffff: - - [15/Feb/2019:22:16:04 +0000] "POST /installed?user_key=admin&user_account_id=557058%3A0533f323-50ee-4d49-920f-815a9a3004b6 HTTP/1.1" 401 45 "-" "Atlassian HttpClient unknown / JIRA-1001.0.0-SNAPSHOT (100098) / Atlassian-Connect/1.294.0"

The code is exactly the same as before, just changed the app name… Any clue to solve that?

Thanks and best regards, Fred.

It looks like your server isn’t finding the authentication data that it expects the in-coming request to have. Is this an app that was installed previously, and which is now being re-installed? Carefully check the details of the installation handshake described at Authentication for Connect apps. In particular, ensure that your app’s descriptor declares that the app uses JWT as the authentication mechanism. You may find the Connect inspector helpful for viewing the JWT tokens on in-coming lifecycle events.

Hi David,

Yes, it’s an app that was previously installed on a Jira cloud instance. I made some changes in its descriptor, then tried to install thru a marketplace private listing token: I get the 401 at the end of the installation process.

What’s strange is that, on the same Jira instance, installation is OK if I directly provide the descriptor URL (not using private listing token).

Also, I tried to install the app thru another private listing token on another Jira cloud instance, and it’s OK.

So, from my point of view, there’s something remaining on the Jira cloud instance preventing further installation of the same app, but I can’t find out what. Actually the code did not change around JWT (which is used as authentication mechanism), nor any other code…

Strange enough !

1 Like

Hi David,

I made some investigations, and found out that the problem was at app DB data level. After reseting the DB, starting the app server again, it’s all good for new installations on Jira instances used to previous installations.

Thank you anyway for the tips!

Cheers, Fred

Yes, frederictardieu. It’s related with authentication data inside your database. You don’t need to drop database in order to resolve this issue, you can just remove record that’s related with your instance.

Also you can finish /uninstall webhook implementation to remove this data automatically. As I know this webhook needs it and will not remove anything without your help. The best way I see is to delete record by “clientKey” in AddonSettings table. You can get it inside your ACE app:


I just ran into this 401 JWT validation problem. In my case - using the spring boot starter - I did rollback accidentally some automatic changes which took place in addon-db.script. Removing the file solved the problem because the file and db should then be regenerated on restart. Hope this helps.

1 Like