When a new Forge version is required to republish my application on the Jira Marketplace, the update process introduces an issue with my web trigger functionality. Specifically, the authorization within the web trigger no longer works as expected.
Below is the relevant code snippet for your reference:
@SakshamPachauri3P can you tell me a bit more about what is not working when it comes to the web trigger authorization? Are you seeing a particular error ?
Hi @mpaisley , I was calling a jira comment api
api .asApp()
.requestJira(route/rest/api/3/issue/${issueKey}/comment, {
method: ‘POST’,
headers: {
“Accept”: ‘application/json’,
“Content-Type”: ‘application/json’,
“Authorization”: Basic ${process.env.JIRA_API_TOKEN}
},
inside web trigger when session is ended ,call this webtrigger to post comment error i’m getting 401 authorization error.
@SakshamPachauri3P thanks for clarifying, 401 is returned if credentials are incorrect or missing - I think this could be related to the fact that you’re actually mixing two types of Authentication in your API call.
When you use api.asApp() (or api.asUser()) Forge handles the authentication for you, so you don’t need to use the Authorization header as well. See Product REST APIs - requestJira for more details.
The Authorization header can be used when you don’t want to use the authentication built into forge.
When you are using canAddComments to check user permissions, this checks the permissions agains the asApp method, so in this case, i think you should just delete the “Authorization”: Basic ${process.env.JIRA_API_TOKEN} line from your app.
I hope this helps - if so would you mind marking this as resolved? If not, please do feel free to comment below with further information.
Cheers!
Mel
