Response: 403 Forbidden on "Add User to Group"

CoreyMosley · August 22, 2023, 9:54pm

Also, in addition to the 403 response code, the error I get back along with it is:

{“errorMessages”:[“OAuth 2.0 is not enabled for method: GET /[object%20Object]rest/api/2/group/user”]}

export const addUserToGroup = async (groupId, accountId) => {
  const bodyData = `{
    "accountId": ${accountId}
  }`;

  try {
    const response = await api
      .asUser()
      .requestJira(route(`/rest/api/2/group/user?groupId=${groupId}`, {
        method: "POST",
        headers: {
          "Accept": "application/json",
          "Content-Type": "application/json"
        },
        body: bodyData
      }
      ));
    
    const data = await response.json();
    console.log(`Response: ${response.status} ${response.statusText}`);
  } catch (error) {
    console.log(`Error adding user (${accountId}) to group (${groupId}): `, error )
  }
};

permissions:
  scopes:
    - read:jira-user
    - read:jira-work
    - manage:jira-configuration
    - write:group:jira
    - read:avatar:jira
    - read:group:jira
    - read:user:jira

This is resulting in a 403 error, I believe I have all of the correct permissions (classic and granular) and I have site-admin permissions. Can anyone spot a problem in the code or permission scopes?

CoreyMosley · August 23, 2023, 9:08pm

Resolved. Part of the issue was that the bodyData, ${accountId}, needed to be wrapped in quotes. The permission error resolved when I encountered another 403 forbidden with deployment. My temporary fix was to run a “forge register” and create a separate app.