Personal data reporting API returning 401 (Connect + JWT)

I am trying to implement the personal data reporting API
I am building a Connect app and using JWT for authentication
The code I am using is the following (node.js)

import * as ajwt from "atlassian-jwt"

  const now = moment().utc();
  const req = ajwt.fromMethodAndUrl('POST', '/rest/atlassian-connect/latest/report-accounts');

  const tokenData = {
    iss: MY_APP_KEY,
    iat: now.unix(), // The time the token is generated
    exp: now.add(3, 'minutes').unix(), // Token expiry time (recommend 3 minutes after issuing)
    qsh: ajwt.createQueryStringHash(req), // [Query String Hash](
  const jwt = ajwt.encodeSymmetric(tokenData, sharedSecret);
 const Authorization = `JWT ${jwt}`;
const res = await"", body, { headers: { Authorization } }); 

This is returning 401 with no additional information. Am I doing something wrong ?

1 Like

Oh. My. God; After spending literally 3 whole days on this and trying every combination imaginable, we finally figured out the documentation/posts on the forum by Atlassian employees are incorrect and the URL to call is actually “” (notice the “wiki”) for a Confluence integration.

Thank you for posting the update @UlysseMizrahi and I acknowledge your frustration

Our docs are continually being improved and this feedback is very helpful

We’ve added the /wiki/rest/atlassian-connect/latest/report-accounts path today to the User Privacy Guide and we’re looking for more places to make the distinction clearer as well