OAuth 2.0 Not enabled for fetching values for a field in Jira Service Management API

Hi guys need help regarding Jira JSM API, I am hitting this API and its returning me this. This is for getting values for a particular field that I have in JSM.

‘OAuth 2.0 is not enabled for method: GET /rest/servicedeskapi/1/organisations/project/10008/search’

For last few days I am encountering this more often! What exactly do I need to enable? I have almost all the scopes required. Can anyone help!? Thank you!

Hello @Sourav

Your sample error contains a URL to a non-existent endpoint. As far as I know, there are no endpoints in the JSM Cloud API that contain the word organisations, only the word organization. There are also no endpoints that allow you to ‘search’ inside a project nor to lookup the values of any fields in such a project. Lastly, there is no v1 of that API, so there should be no /1/ in the request path.

I’m happy to be proven wrong if you can provide a link to the documentation that describes this JSM Cloud API endpoint you’re trying to access, but I get the feeling you’re confusing the API of the underlying Jira platform versus the API of the Service Management module, or maybe even the Jira Software module.

1 Like

Thanks a lot the reply @sunnyape the url that I have posted actually came from createmeta or some API which replies back with an autocomplete url, so essentially I wanna get values to autocomplete a field. Is there any other API maybe in Jira Service Management module that can help me with this? Because I went through almost everything and I am not able to find anything regarding it?


If you could please pinpoint where you got that URL, then I can raise a bug. I confirm @sunnyape’s point that it isn’t in the Open API spec, which means it won’t have OAuth scopes.

There might be something in the REST API with scopes, but I didn’t fully understand what you were trying to autocomplete? Projects? Orgs? Specific fields?

Hi @ibhuchanan I think I was using this route which is called create meta: https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-issues/#api-rest-api-3-issue-createmeta-projectidorkey-issuetypes-issuetypeid-get
However now I am confused since I want functionality to get organization and autofill them, also note that the above route returns it in autoCompleteUrl! Would appreciate a response here.

EDIT: Just to provide more context the URL that I got actually works if I copy paste it over to the browser, for example it gives me this: https://mydomain.atlassian.net/rest/servicedesk/1/organisations/project/10006/search?query=
And the above returns an array, however if I hit it programatically it fails!

Hello @Sourav

When you copy and paste an API URL like that into a web browser that has an active session with your JSM instance, then the logged in user’s session cookie is used for authentication. You can discover this yourself by logging out of your JSM session, closing the web browser, re-opening the web browser and pasting that same URL in; you will see the API URL will fail.

Session based authentication is a totally different thing to Basic, OAuth, JWT or other similar external authentication methods. Basically speaking, that API URL you have ‘discovered’ will only ever work within the security domain of a user’s browser based session and does not support OAuth, just as the error message has advised.

With regards your use of the Get create field metadata for a project and issue type id REST API endpoint and it returning that API URL in an autocomplete object for a particular field type for a particular project, I’ll have to let @ibuchanan comment on that, as I don’t have access to a JSM Cloud instance to test against.

If you could provide a complete copy of the entire GET request you are making to that Get create field metadata for a project and issue type id endpoint, and a complete copy of the JSON response, that would be helpful.

Hey @sunnyape I think I got the exact issue I am running into: Createmeta field autoCompleteUrl OAuth 2.0 is not enabled for this method
And seems like its an active bug: [ACJIRA-2173] - Ecosystem Jira
@ibuchanon by any chance is this bug being worked upon? I see that it was opened in 2020!?


No, the “Gathering Interest” status is not an active status. That said, I’m not convinced that bug is filed correctly, which makes it that much harder to get worked upon. It was logged against “Atlassian Connect” but OAuth 2 is owned by a different team and JSM REST API is yet another team. Could you please refile this bug with Atlassian Support?

1 Like

Hey @ibuchanon I have refiled this bug here: Jira Service Management