OAuth2 access token is not working on Jira Software APIs

I have an OAuth 2.0 access token obtained via the authentication flow, and by using it I am trying to access this ‘get all boards’ API.

I also noticed that only ‘platform’ APIs are working with this access token and all these ‘software’ type APIs are not working.

In a logged-in browser, when I access this URL… I was able to get the response on the browser screen.

https://myaccount.atlassian.net/rest/agile/1.0/board

But via a PHP cURL call I am unable to. Here is my code. $result_decode['access_token'] is carrying a valid access token.

Appreciate any help here.

```php
$ch = curl_init();
$allboards = $site_url.'/rest/agile/1.0/board';
echo '<br /><b>Calling all boards link:</b>'.$allboards.'<br />';
curl_setopt($ch, CURLOPT_URL, $allboards);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Accept: application/json',
    'Authorization: Bearer ' . $result_decode['access_token']
]);
$allboardsdata = curl_exec($ch);
if (curl_errno($ch)) {
    echo 'Error:' . curl_error($ch);
}
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

echo 'code:'.$httpcode.'-----<br />';

var_dump(json_decode($allboardsdata));
```

The result I am getting is response code 401 and the $allboardsdata value is null.

Hello @JosephRanjan

You haven’t provided any information about the scopes you’ve set for the OAuth token.

Thanks @sunnyape for helping on this one. Yes, I gave all classic scope items… attaching the scope selection here for your reference.

Still it was not working.

If you read the documentation for the Get all boards endpoint, you’ll see that it requires two specific OAuth scopes, neither of which is part of that ‘classic’ set you have shown, hence the reason your request is being rejected with a 401 error.

Jira SOFTWARE is a functionality module that exists in addition to Jira PLATFORM. That’s why its API is separate and its endpoints have different request paths and their own specific scopes.

Thanks for your response. I have made sure they were checked in the first place. It was not working after that also, which is why I made this post 🙂

Not only them, but I also selected nearly 50+ checkboxes in granular scopes as well. Not useful… which is why I am confused about why this is happening!

You said “Yes i gave all classic scope items” and you provided a screen grab of scopes that DID NOT include the read:board-scope:jira-software or read:project:jira scopes. You never said a single word about those two scopes, so I had absolutely no way of knowing that you had “made sure they were included in the first place”. You’re only just telling me that, now.

If you omit critically important information, then my answers are bound to be incorrect.

So, if your app’s OAuth token has been given all the scopes shown in this new screen grab that you have just provided, then that token should have no problem when used to access that Jira Software API endpoint.

There could be dozens of possible things you may have done wrong to get to the situation you’re at now, so I suggest you start from the beginning.

  1. Delete that OAuth token that is problematic
  2. Generate a new OAuth token for your app and give it only the scopes it needs, nothing more.
  3. Test that token with an API test tool like Postman first to see if it’s working as expected.
  4. Once you have confirmed it’s working and can access those Jira Software endpoints, then use it with cURL.

If the newly created token exhibits the same problem, I suggest you have a peer double check the process you followed creating that token to confirm that you’re doing it correctly.

Don’t do that!! Granular scopes can ‘compete with’ or override Classic scopes. Use only one or the other. This is probably related to the problem.

Also, the documentation specifically tells you to NOT add more than 50 scopes to a single app’s token.

Maybe you should consider having a peer at your organisation review the processes you are following.

@sunnyape thank you so much for your help and sorry for missing out the information on scopes.

I created a new OAuth 2.0 app with only the scopes specific to this API and ran the complete OAuth flow, and I am still facing the same. Via the ‘https://api.atlassian.com/oauth/token/accessible-resources’ endpoint I confirm the scopes for this endpoint are available…

I faced the same on Postman as well…

I finally found the reason…

The base URL should not be like this…

$allboards = $site_url.'/rest/agile/1.0/board';

The base URL should be constructed like mentioned here…

Thanks @sunnyape for helping
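
Added example, not part of the original thread: with an OAuth 2.0 (3LO) token, Jira Cloud REST calls are addressed to `https://api.atlassian.com/ex/jira/{cloudid}` rather than to the site URL, and the cloud id comes from the accessible-resources endpoint mentioned above. The function name `resolveJiraApiBase`, the sample response and the placeholder id are constructed for illustration.

```php
<?php
// Added example. Assumption: OAuth 2.0 (3LO) requests are addressed as
// https://api.atlassian.com/ex/jira/{cloudid}/... instead of the site URL.

/**
 * Pick the accessible resource matching $siteUrl, verify the token carries the
 * required scopes for that site, and return the API base URL for it.
 * $resources is the decoded JSON array from /oauth/token/accessible-resources.
 */
function resolveJiraApiBase(array $resources, string $siteUrl, array $requiredScopes): string
{
    $wanted = rtrim(strtolower($siteUrl), '/');
    foreach ($resources as $res) {
        if (rtrim(strtolower($res['url'] ?? ''), '/') !== $wanted) {
            continue; // token may be valid for several sites; skip the others
        }
        $missing = array_diff($requiredScopes, $res['scopes'] ?? []);
        if ($missing) {
            throw new RuntimeException('Token lacks scopes: ' . implode(', ', $missing));
        }
        return 'https://api.atlassian.com/ex/jira/' . rawurlencode($res['id']);
    }
    throw new RuntimeException("Token grants no access to $siteUrl");
}

// Constructed sample of a decoded accessible-resources response (id is a placeholder).
$resources = [[
    'id'     => '00000000-0000-0000-0000-000000000000',
    'url'    => 'https://myaccount.atlassian.net',
    'name'   => 'myaccount',
    'scopes' => ['read:board-scope:jira-software', 'read:project:jira'],
]];

$base = resolveJiraApiBase(
    $resources,
    'https://myaccount.atlassian.net/',
    ['read:board-scope:jira-software', 'read:project:jira']
);

// This URL replaces $site_url.'/rest/agile/1.0/board' in the cURL call;
// the Authorization: Bearer header stays the same.
$allboards = $base . '/rest/agile/1.0/board';
echo $allboards, PHP_EOL;
```

Checking the scopes per site before the call separates a missing-scope failure from a wrong-host failure, which both surfaced as the same 401 in this thread.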