Unable to use REST API

I am attempting to use the API documentation to build a process that can pull all users for audit, but when I use the information posted here: https://developer.atlassian.com/cloud/jira/platform/rest/v3/#api-rest-api-3-users-search-get

I made it further when I figured out that the query is not to API.atlassian.co_ but to my actual sitename .atlassian.net now I am getting

Basic auth with password is not allowed on this instance

What do I need to configure to get past this?

  • For basic auth, you need username and password. Username is email ID of your Atlassian account. And password is the API token. Go to https://id.atlassian.com/manage/api-tokens in order to manage the API tokens for the Atlassian account you are logged in at the moment.

  • You also need to give special permission to your Atlassian account to make this call. As mentioned in API doc:

Permissions required: Browse users and groups global permission. Anonymous calls or calls by users without the required permission return empty search results.

You can find out about managing global permissions here.

  • Then you should be able to make API call something like this:
curl -D- \
   -u fred@example.com:freds_api_token \
   -X GET \
   -H "Content-Type: application/json" \
   https://your-domain.atlassian.net/rest/api/3/user/search?query=

Let us know if you still face any issue.

1 Like

@aagrawal2. Thank you for your response… Getting newbies up to speed is never simple. I reformatted your curl command to

curl -D- -u user.name@my-site.atlassian.net:my-api-token -X GET -H "Content-Type: application/json" https://my-site.atlassian.net/rest/api/3/users/search

The API token is from the https://id.atlassian.com/manage/api-tokens location.

I am in the site-admins group and that group has every global permission but I am still getting

99 {"errorMessages":["error.no-permission"],"errors":{}}

Interestingly, when I run the request using the python example, it works with no issues.

In this, username seems to be incorrect. It’s not supposed to be user.name@my-site.atlassian.net but something like user.name@your-domain.com. It has to be the email ID of your atlassian account. I gave it a try with above command and it worked.

2 Likes

You total nailed it! Thank you so much for your help!

Now, same thing but for an app using atlassian-connect-spring-boot

Get all users default

GET /rest/api/3/users

Apps cannot access this REST resource.

Since apps cannot use it, I tried with AtlassianHostRestClients#authenticatedAsHostActor(), which uses the current user via OAuth2. The user is a site-admin and obviously has the read:jira-user OAuth scope. Getting exact same JSON error response as OP. I also tried with the other endpoint, /rest/api/3/users/search, to no avail. (Why are there 2 identically documented endpoints in v3?)

If I am forced to ask my user for an admin API key (or go through some hoops to manually use OAuth with the current user), then the entire benefit of using an integrated App is out the window for my use case and I will just implement a standalone app that uses the API manually.

Please advise!


Secondarily, why on Earth is a 403 turned into a runtime exception? Does anyone know why spring-web would make basic response status handling invisible at dev time? It is very annoying to have that control removed from me.