Jira cloud REST API no longer accepting basic authorisation

Hey,

The jira rest api no longer seems to be accepting basic authentication, i’ve tried multiple username/password and email/password combinations and none of them seem to be working. It had previous been working totally fine for several years beforehand but suddenly stopped working 2-3 weeks ago

Response: “The remote server returned an error: (401) Unauthorized”
Header: {Transfer-Encoding: chunked
Connection: keep-alive
X-AREQUESTID: 578x1672x1
X-Seraph-LoginReason: AUTHENTICATED_FAILED
X-Content-Type-Options: nosniff
Content-Type: text/html;charset=UTF-8
Date: Tue, 23 May 2017 08:38:16 GMT
Server: nginx
WWW-Authenticate: OAuth realm=“https%3A%2F%2Fcsamltd.atlassian.net”
}

Based on the mention of OAuth in the header I’m guessing that basic authentication is no longer supported, only authentication via OAuth?

Our implementation of the basic authentication is based on the documentation at: Basic authentication

Is this documentation now out of date?
Also i was unable to find any mention of any changes to authentication in the documentation for the latest jira update.

I’ve been able to duplicate this I’m not sure what’s triggered this for us but I did find this bit of info in the docs:

CAPTCHA
CAPTCHA is ‘triggered’ after several consecutive failed log in attempts, after which the user is required to interpret a distorted picture of a word and type that word into a text field with each subsequent log in attempt. If CAPTCHA has been triggered, you cannot use JIRA’s REST API to authenticate with the JIRA site.

You can check this in the error response from JIRA – If there is an X-Seraph-LoginReason header with a a value of AUTHENTICATION_DENIED, this means the application rejected the login without even checking the password. This is the most common indication that JIRA’s CAPTCHA feature has been triggered.

Both of us have:
X-Seraph-LoginReason: AUTHENTICATED_FAILED
in our response.

I’m still working on figuring out how to clear that. Logging into the site directly doesn’t clear it.

Nevermind the response is AUTHENTICATION_FAILED, not AUTHENTICATION_DENIED. Two separate errors. Still checking.

I asked a colleague to try basic on his instance and he was able to get a 200 response back so I’m not sure what’s causing this for us.

The dev team mentioned there is a issue they are working on with Atlassian ID. I can’t find the ticket so I can’t verify if it is the same issue. One of the suggested work-arounds that I haven’t tested yet was to reset your Atlassian ID password and try again.

Let me know if that works.

Thanks,
Ralph

I think this is the issue you’re searching for: [JRASERVER-41559] Some REST calls return 200 with no body and AUTHENTICATED_FAILED - Create and track feature requests for Atlassian products.

Hey,

Resetting the password seems to have fixed the issue, cheers!

Thanks, actually this is the more relevant issue to follow. [JRACLOUD-66793] HTTP basic authentication to rest/auth/1/session fails with 401 error for email addresses on instances with Atlassian account - Create and track feature requests for Atlassian products.

It’s actually a collection of issues that are summed up in a comment further down [JRACLOUD-66793] HTTP basic authentication to rest/auth/1/session fails with 401 error for email addresses on instances with Atlassian account - Create and track feature requests for Atlassian products.

hi guys, finally resolved it as i was facing the same issue too while integrating Jira from Pega Agile work bench. The API invocation doesn’t seem to accept baisc auth. Instead enabled the “account in use” for 2 step auth
Use API Token as password with preemptive authentication and it all works fine.