Hi all,
Let me try to add some clarity and context to this thread.
What changed?
The affected APIs were not intended to be working when using the site URL, this incorrect behaviour has been addressed and that’s why they are now returning a 401 status code.
The way forward is to always use the api.atlassian.com format when accessing the affected API endpoints.
This is documented for “OAuth 2.0 (3LO) apps” on the https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps page.
We understand that this should have been communicated beforehand and we will do better in the future. This topic has been brought up with all the parties involved and we will improve our processes to make sure that the right communication with the right notice is provided.
Why 503?
While deploying the change, for a limited amount of time, when using the site URL format, the APIs have been returning a 503. This wasn’t intended and all affected APIs have been updated to return 401 as status code.
What about the incorrect documentation?
A few documentation pages are still mentioning the site URL format in the examples, this will be addressed as part of the [CONFCLOUD-72411] Documentation pages incorrectly suggest to use the "your-domain.atlassian.net" instead of the "api.atlassian.net" one - Create and track feature requests for Atlassian products. bug report.
If any other pages, that are not mentioned on the bug report, are also affected, please add a comment to the CONFCLOUD-72411 directly.
I hope I covered all the concerns expressed in this thread with this reply. If not, please let me know and I’ll get back to you.
Thank you,
Caterina