Getting 403 error on GET to /rest/api/3/project with contradictory error message

AustinRuby · April 13, 2022, 5:09pm

I’m in the process of updating my app to use the new granular scopes for JIRA OAuth. I’ve added the scopes in my code and in the developer console, but when I attempt to GET from /rest/api/3/project, I receive the below error message:

“Access to the resource was denied due to missing scope grants. Your app was granted the following scopes: [read:field:jira, offline_access, read:issue:jira, read:label:jira, read:project:jira , read:project.component:jira].

The resource can be accessed by having one of these groups of:

current scopes: [read:issue-type-hierarchy:jira, read:user:jira, read:application-role:jira, read:avatar:jira, read:issue-type:jira, read:project:jira , read:project.property:jira, read:project-category:jira, read:project.component:jira, read:group:jira, read:project-version:jira]
deprecated scopes: [read:jira-work]”

As you can see in bold, the message is simultaneously telling me that I have the needed scope and that I can’t access the resource because I don’t have the needed scope.

I know that the endpoint I’m using is deprecated, but I’ve also tried with the newer /rest/api/3/project/search endpoint and get the same result. I’ve also hit the same endpoint in my browser and received a 200 response.

Has anyone else run into this? Am I missing something?

Thanks,

Austin

AlexHofer · April 16, 2022, 5:16am

I am also running into this same issue. It just started happening, this exact endpoint was working a few days ago with these same scopes and now suddenly it’s not. I got the same error and every scope listed in their list of suggestions is a scope I am already requesting.

I think it’s just more issues with their OAuth system.

This is my exact error message:

Access to the resource was denied due to missing scope grants. Your app was granted the following scopes: 
[read:application-role:jira, read:issue-worklog.property:jira, 
write:issue-worklog:jira, read:project-category:jira, read:project:jira, 
read:field-configuration:jira, read:issue.time-tracking:jira, 
read:user.property:jira, read:avatar:jira, read:issue-meta:jira, 
validate:jql:jira, read:audit-log:jira, read:project.component:jira,
api_access, read:group:jira, read:project-role:jira, validate:jql:jira\n, 
read:issue-worklog:jira, read:project-type:jira, read:user:jira, 
delete:issue-worklog:jira, read:issue-type:jira, read:project.property:jira,
write:project:jira, read:project-version:jira]
\nThe resource can be accessed by having one of these groups of:\n  
* current scopes: [read:issue-type-hierarchy:jira, 
read:user:jira, read:application-role:jira, read:avatar:jira, 
read:issue-type:jira, read:project:jira, read:project.property:jira,
 read:project-category:jira, read:project.component:jira, read:group:jira, 
read:project-version:jira]\n  * deprecated scopes: [read:jira-work]\n