We are calling the below API to create an issue in JIRA:
POST: https://api.atlassian.com/ex/jira/6a5206af-e4a3-45b0-ad78-95d3070006af/rest/api/latest/issue/
But this is failing with the below error.
{"code":401,"message":"Unauthorized; scope does not match"}
We are using an accessToken to call this API and the scopes used are
"scope": "read:jira-work write:jira-work".
With the same set of scopes, this operation was working until the recent past (we don't know from which date exactly this started failing).
Has there been any change in this area recently? What are the right scopes to be used to call this API?
This is a bad error from the API (IMO it’s a bug)
It returns 401 if it can’t find the route you are specifying. In this case I believe the trailing slash could be the problem. They recently stopped sanitizing URLs, specifically slashes, double slashes, etc.
Just a hunch, but I would try without the trailing slash and see if you get a proper response.
Cheers,
Adam
2 Likes
@JubinMJacob as Adam says, support for lenient URL path processing for OAuth 2.0 requests has been removed. This includes requests with trailing slashes, such as your app’s requests to /rest/api/latest/issue/.
Please see the removal notice and the deprecation notice for more details.
If you are unable to troubleshoot your specific case, please submit a support request.
3 Likes
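A client-side guard for the situation described in the replies above, as an added example that is not part of the original thread or Atlassian's own code: it flags and strips the trailing or repeated slashes named in the thread before an OAuth 2.0 request is sent, and reads a 401 "scope does not match" on such a path as a probable route miss rather than a scope problem. The function names and the `CLOUD_ID` placeholder are assumptions for illustration; only the two path shapes mentioned in the thread are checked.

```python
import json
import re
from urllib.parse import urlsplit, urlunsplit


def strict_path_problems(url):
    """List the path shapes named in the thread that strict routing rejects."""
    path = urlsplit(url).path
    problems = []
    if "//" in path:
        problems.append("repeated slash")
    if len(path) > 1 and path.endswith("/"):
        problems.append("trailing slash")
    return problems


def canonicalize(url):
    """Collapse repeated slashes and drop the trailing slash, in the path only."""
    parts = urlsplit(url)
    path = re.sub(r"/{2,}", "/", parts.path)
    if len(path) > 1:
        path = path.rstrip("/")
    # Scheme, host, query and fragment are passed through unchanged.
    return urlunsplit(parts._replace(path=path))


def explain_401(url, status, body):
    """Return a hint when a 401 'scope does not match' may be a route miss."""
    if status != 401:
        return None
    try:
        message = json.loads(body).get("message", "")
    except (ValueError, AttributeError):
        return None  # not the JSON error object shown in the question
    problems = strict_path_problems(url)
    if "scope does not match" in message and problems:
        return "path has %s; retry with %s before changing scopes" % (
            " and ".join(problems), canonicalize(url))
    return None  # clean path: treat it as a real scope or token problem


if __name__ == "__main__":
    # Constructed sample: CLOUD_ID is a placeholder; the error body is the one quoted above.
    url = "https://api.atlassian.com/ex/jira/CLOUD_ID/rest/api/latest/issue/"
    body = '{"code":401,"message":"Unauthorized; scope does not match"}'
    print(explain_401(url, 401, body))
```

Calling `canonicalize` on every outgoing URL avoids the failure; `explain_401` is for logs and alerts, so a misleading 401 is not triaged as a token or consent problem first.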
Hi @AdamAhmed @epehrson
Thanks for pointing that out. It's working fine after removing the slash.
Maybe we should consider returning a different error code/message in this case.
1 Like
Agree, 401 is misleading. I assume they generate some pattern based on your scopes and if you request a URL outside that pattern they return 401. They should also generate a pattern for a token that has all scopes and if it falls outside that pattern, return 404 instead.
I also lost time on this a few months ago and when I did I opened a support case. So they also lost time on this. I’m sure we’re not the first. Worth taking the time to return the right code IMO.