Issue in generating access token using OAuth2 Authentication in Confluence server

When we try to set up OAuth2 authentication on a Confluence on-prem server using the steps below, we get an issue generating the access token.

To create an incoming link

  1. Log in to the Confluence on-prem server and go to Administrator > General Configuration > Application links.

  2. Select Create link.

  3. Select External application, and then choose Incoming as the direction.

  4. After this we’ll get the client ID and client secret of the application link. Select Application Link → View Credential.

  5. Request an authorization code by redirecting the user to the /rest/oauth2/latest/authorize page with the URL https://confluence.integ.us-west-2.beta.kendra.aws.a2z.com/plugins/servlet/oauth2/consent?client_id=7a8aeab250b334901ac54271d09e2fbc&redirect_uri=https://httpbin.org/&response_type=code&scope=READ&code_challenge_method=S256&code_challenge=Y2ztq_2-XO_l2mKSE-zrUD6tp4Ppf1ru18_3IUQ1zLA

We have generated the code_challenge with the tool https://example-app.com/pkce

  6. Get the consent screen that asks the user to approve the application’s request to access their account with the scopes specified in scope. The user is then redirected to the URL specified in redirect_uri. The redirect includes the authorization code.

  7. When we click the Allow button, we get the authorization code.
    Authorization Code : d880dbaa35bd1fd3cde35776de3ce6c2

  8. With the authorization code returned from the previous request, we can request an access_token with Postman, and in this step we get another error.

POST URL : https://confluence.integ.us-west-2.beta.kendra.aws.a2z.com/rest/oauth2/latest/token

Request Body :

{
    "grant_type": "authorization_code",
    "client_id": "7a8aeab250b334901ac54271d09e2fbc",
    "client_secret": "508687852c3d4448df6e1c0cec1301e46c39a480d19bad981fa66439c13429f8",
    "code": "d880dbaa35bd1fd3cde35776de3ce6c2",
    "redirect_uri": "https://httpbin.org/",
    "code_verifier": "8b953f08e4e438ba10d2a1e78344fa0df89271c25768b4f4d4619167"
}

Response with Error Message :

{
    "errors": [
        "The server could not perform this operation - please check application logs."
    ],
    "fieldErrors": {}
}

When we checked the logs in the <confluence_installation_directory>/logs/catalina.log file, we didn’t find any error there, so where do we need to check the Confluence logs for the error?

We are referring to this documentation to set up OAuth2 authentication on the Confluence on-prem server.

We would appreciate it if you could point us in the right direction on how to resolve this issue and set up OAuth2 authentication on the Confluence on-prem server.

Hi @KaiGao, were you able to figure out the issue? I see the exact same error while trying to generate the access code. Please confirm.

Hi Bhargavi,
We haven’t got any help yet and we haven’t figured out the issue.

curl --location --request POST 'https://instenv-70456-sit3.instenv.internal.atlassian.com/rest/oauth2/latest/token?client_id=2e5f812d2bca101851b67c317cf5cf1b&cl&client_secret=5143c035abafba2c41712f44b216c5401240583e75c069f3dc7ab4bf1bf57f36&redirect_uri=https://www.example.com' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=authorization_code' \
  --data-urlencode 'code=5472559ae0adc257e5e3ed611c59a3dd'

Hi @KaiGao, I reached out to Atlassian and was able to generate an access-token with the above command. Generating one from the browser isn’t working for me & Atlassian as well. Please check if it can help.
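
Added example, not part of any post in this thread and not Atlassian's code: it generates a PKCE code_verifier locally, derives the S256 code_challenge that goes into the authorize URL, checks that a verifier and challenge belong together, and form-encodes the token request the way the curl command above does. The function names and the placeholder values (AUTH_CODE, CLIENT_ID, CLIENT_SECRET, the example.invalid redirect URI) are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import re
import secrets
from urllib.parse import urlencode

# RFC 7636 section 4.1: 43-128 characters from the unreserved set.
_VERIFIER_RE = re.compile(r"^[A-Za-z0-9\-._~]{43,128}$")


def new_code_verifier() -> str:
    """Return a fresh high-entropy verifier (32 random bytes -> 43 chars)."""
    return secrets.token_urlsafe(32)


def s256_challenge(verifier: str) -> str:
    """BASE64URL(SHA256(verifier)) without '=' padding (RFC 7636 section 4.2)."""
    if not _VERIFIER_RE.fullmatch(verifier):
        raise ValueError("code_verifier must be 43-128 unreserved characters")
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def verifier_matches(verifier: str, challenge: str) -> bool:
    """Check a verifier against the challenge sent in the authorize URL."""
    return hmac.compare_digest(s256_challenge(verifier), challenge)


def token_request_body(code, verifier, client_id, client_secret, redirect_uri) -> str:
    """Form-encode the token request parameters (RFC 6749 section 4.1.3)."""
    return urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "client_secret": client_secret,
        "code_verifier": verifier,
    })


if __name__ == "__main__":
    verifier = new_code_verifier()
    print("code_verifier :", verifier)
    print("code_challenge:", s256_challenge(verifier))
    # Placeholder values (assumptions); use those of your own application link.
    print(token_request_body("AUTH_CODE", verifier, "CLIENT_ID", "CLIENT_SECRET",
                             "https://example.invalid/callback"))
```

The body string is what goes in a POST with Content-Type: application/x-www-form-urlencoded; the redirect_uri must be the same one used in the authorize request.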