I’m having an issue in our deployed environments but not development. In my local .env, I have an API key that has an ‘=’ so I escape that out in my .env and everything works fine. However, in AWS Secrets manager, escape characters break everything.
Is this the reason I can make api calls in dev but not our deployed environments? I’m trying to create an issue through an issue form that makes a POST request via axios. It’s successful in dev but gives a 403 in the other environments. Could something else be causing the 403?
Hi @evanandrewson. Welcome to the dev community.
Let me make sure I understand your situation. In your development environment, you’re not using AWS Secrets Manager, but instead, have the API key stored locally, and things work fine. But, in production, API keys are pulled from AWS Secrets Manager, and you’re getting 403s when trying to make Jira API calls. Is that right?
If so, and you’re certain that your production key is working fine (e.g. tested prod key on your local machine, or just made create issue call from Postman using prod key), then something may definitely be going wrong in how you’re escaping/unescaping.
Hi @nmansilla
Thanks for the prompt reply. Yes that’s correct. We use the same api key for dev/prod and I confirmed it works in dev and postman. I double checked the strings that popped out of
Basic ${Buffer.from(${username}:${apiKey}).toString(‘base64’)}
using both the hardcoded api keys featuring the escape character and without the escape character and got the same string. So upon further investigation, it doesn’t appear to be an escaping issue.
Is there something else that could be causing a 403 in prod but not dev? With the same username and api key?
@evanandrewson Is your app build on Forge or Connect framework?
Thanks a ton for being so responsive @nmansilla.
I’m not the admin so I’m embarrassed to say I’m not sure. From the docs I believe I’m just making ad-hoc api calls using basic auth (https://developer.atlassian.com/cloud/jira/platform/rest/v3/intro/#ad-hoc-api-calls).
I’m getting in touch with the admin right now. I’m not sure how the api key was provisioned. I’ll post again once I have the exact info.
Hi @nmansilla
My admin said we aren’t using either. Do you know what could be causing the issue?