Hello,
Confluence 7.1.2 version : “X-Atlassian-Token: no-check” header is not working when post to issue access token. 6.15.4 version was working before upgrade…
Customer logic :
-
Create Request token
Request Body : “oauth_callback=oob&oauth_consumer_key=withtools&oauth_nonce=445161829958166&oauth_signature=YmC%2B8hGWuG7bbh08Fr%2FBDOAH3Z4adsDEl%2F4c0IWdqUb6kqTGcff2A1qlAPinSMzhyDK%2FG3rCJZCcp7pyiP0rnYjybDdr%2FKuzBWdmV5qtbTncUGF0k4ctXQJRaJA%2FbNhQSmnadP%2Fs7QyHuCGjtyihYmxMT5D4UamjNKYDxAIa%2BeU%3D&oauth_signature_method=RSA-SHA1&oauth_timestamp=1578904134&oauth_version=1.0”
Response Data : oauth_token=HCnUX1Fi4M2w5EBe9rj3K4p7eYEM3uQw&oauth_token_secret=CcNDyyZF0T9cBXgQYsQYeeRjTPGlKTxK&oauth_callback_confirmed=true -
POST
url : https://confluence_url/plugins/servlet/oauth/authorize
header : X-Atlassian-Token : no-check, Authorization : “Basic [ID:PW String to Base64Encode]“
form data : oauth_token : “HCnUX1Fi4M2w5EBe9rj3K4p7eYEM3uQw”, oauth_callback : “”, approve : “Allow”
→ Error is occurred when send “Post”…oauth Not allowed… -
Issue Verification Code
-
Issue the “Access Token”
- JIRA 8.5.2 version is working with “X-Atlassian-Token: no-check” header.
- Developer guide is as below “Form Token Handling”
Enable XSRF protection in your app
→ Please check the last part.
Scripting
Scripts that access Confluence remotely may have trouble acquiring or returning a security token, or maintaining an HTTP session with the server. There is a way for scripts to opt out of token checking by providing the following HTTP header in the request:
Copy
X-Atlassian-Token: no-check
Please help me how to solve…
Thank you.
Regards,
Seungmin.Lee