Hi All, I’m trying to do a GET request /wiki/rest/api/content/{id} by Postman, creating a new API token (created yesterday) and pass it as basic authorization (OAuth 2.0 as documentation says), it fails with a status 401.
However, if I try with a token created before Jan 18 or with a CURL it works.
New API token
Old API token
What causes this problem?
Am I missing something? Should the new tokens be used in another way?
Thanks in advance!
It’s hard to tell for sure because tokens are sensitive and you’ve redacted the one that works. You definitely should not share tokens in public forums like this! Which is why most auth problems are best handled in our developer support desk, where you can safely share secrets.
That said, in the unobscured example that fails with 401, the token in only partially obscured as a long string. From the start of the token, I don’t think that’s the correct way to basic auth. The string following “Basic” should be a base 64 encoding of username:token but it looks like you’re just sending the token. I’m guessing that you got the right outcome from curl using:
curl -D- \
-u fred@example.com:freds_api_token \
-X GET \
-H "Content-Type: application/json" \
https://your-domain.atlassian.net/rest/api/...
Thanks @ibuchanan! it works.
And thanks for the recommendation. Before sharing the screenshots, I deleted the token that I created recently and it didn’t work for me, that’s why I left it visible