Got "Encountered a 401 - Unauthorized error while loading this page" when called "GET /rest/api/3/user"

I got the token correctly, because the api “” call was successfully.

When I called https://{mydomain}, it gave 401 error.

The document is here, api-rest-api-3-user-get

The token scopes include read:jira-user.

The token scopes are manage:jira-configuration manage:jira-project write:jira-work read:jira-work read:jira-user read:me manage:jira-data-provider offline_access

Here is the url: https://{mydomain},applicationRoles.

@testadmin1forticasb welcome to the Atlassian developer community.

Because of the scopes you mentioned, I think you are talking about 3LO (three-legged OAuth). On that assumption, it looks to me like you are using the wrong URL pattern. Please see how the 3LO documentation explains to construct the request URL . The resulting URL should look like:{cloudid}/rest/api/3/user

Hi ibuchanan,

Thanks for the quick reply. 2 follow up questions:

  1. Why we can use https://{mydomain} before?
  2. We are now using /rest/api/3, may I know is this version’s API stable or not?



Why we can use https://{mydomain} before?

I’m not sure what you mean. That URL pattern still works for basic auth using API tokens. But those tokens don’t work with and don’t have scopes. When were you using that path with 3LO?

We are now using /rest/api/3, may I know is this version’s API stable or not?

As the v3 documentation states:

This documentation is for version 3 of the Jira Cloud platform REST API, which is the latest version but is in beta .

So we have not bound ourselves to stability by policy. That said, as a matter of practical concern, the API paths have not had any breaking changes. I think this is the 4th year this version has been “in beta”. I think we have started to honor our REST API policy, even if we are not officially committed.

We started using the OAuth 2.0 (3LO) apps with the https://{mydomain} from the beginning of last year, it works until recently. So we are wondering if there is any change recently on your side.



I don’t know. If it worked, it was not working as intended. I only know the URL path with is the specified way to make 3LO requests.