Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira REST API returning 401 Unauthorized

Austin Luu
Austin Luu June 6, 2019

Hello,

I recently lost the ability to login to the Jira REST API using powershell, constantly getting 401 unauthorized errors. My account has admin privileges and I know I'm using the correct password. Anyone might know what I'm doing wrong?

 

Invoke-RestMethod -UseBasicParsing -Method Post -Uri "https://15sof1.atlassian.net/rest/auth/1/session" -SessionVariable session -Body (@{username = $username; password = $password} | convertTo-Json -Compress) -ContentType 'application/json'

Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.
At line:1 char:1
+ Invoke-RestMethod -UseBasicParsing -Method Post -Uri "https://15sof1. ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
eption
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

 

Thanks!

Answer
Watch
Like Be the first to like this
2765 views

2 answers

0 votes
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 26, 2019

Hi all,

I was working with Austin on a related post and I think we found the solution.

Atlassian Cloud recently deprecated support for TLS 1.0 and 1.1 protocols.  This will force all clients to support TLS 1.2 in order to connect. Deprecating TLSv1 and TLSv1.1 for Atlassian Cloud Products has more details.

While the planned effective date in that page was December 1, 2018, you can see in the recent Jira Cloud blog updates in https://confluence.atlassian.com/cloud/blog/2019/07/atlassian-cloud-changes-jul-1-to-jul-8-2019

... after consultation internally and with customers, we have allowed a silent/soft grace period of 6 months to allow customers additional time to update the necessary tools and systems. This grace period has now expired. 

In my search I came across this post:

https://www.codyhosterman.com/2016/06/force-the-invoke-restmethod-powershell-cmdlet-to-use-tls-1-2/

The issue, as I understand it, is that PowerShell by default uses TLS 1.0 for web requests, which will not work in our case. So this needs to be changed. Thankfully, this is an easy change. Just add the following line to your scripts:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Which means that we would need to make sure powershell is using the TLS v1.2 protocol when trying to connect to an Atlassian Cloud address, or else it won't be able to connect.

Cheers,

Andy

Reply
0 votes
Lucas Rodrigues de Oliveira
Lucas Rodrigues de Oliveira
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 6, 2019

Hi Austin,

 

try use the basic authentication, some Jira REST API needs this to authenticate. 

https://developer.atlassian.com/server/jira/platform/basic-authentication/ 

 

If you need, you can construct and send the basic authorization header yourself as follows:

  1. Build a string of the form username:password.
  2. Encode the string to Base64.
  3. Supply an authorization header with format Authorization: Basic {encoded-string}. Make sure to replace {encoded-string} with your encoded string from Step 2.

For example, if your username and password are both fred then the string "fred:fred" encodes to ZnJlZDpmcmVk in Base64. You can then make a request with cURL specifying the authorization header with -H as follows:

 curl -H "Authorization: Basic ZnJlZDpmcmVk" -X GET -H "Content-Type: application/json" http://localhost:8080/rest/api/2/issue/createmeta
View More Comments
Austin Luu
Austin Luu July 3, 2019 edited

I tried that but it didn't work, can you see anything wrong with my code?

$username = 'austin.luu91@gmail.com'
@Password = 'somePassword'
$pair = "${username}:${password}"
$bytes = [System.Text.Encoding]::ASCII.GetBytes($pair)
$base64 = [System.Convert]::ToBase64String($bytes)
$basicAuthValue = "Basic $base64"
$headers = @{ Authorization = $basicAuthValue }
Invoke-RestMethod -UseBasicParsing -Method Post -Uri "https://15sof1.atlassian.net/rest/auth/1/session" -Headers $headers -SessionVariable session -ContentType 'application/json'
Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.
At line:1 char:1
+ Invoke-RestMethod -UseBasicParsing -Method Post -Uri "https://15sof1. ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
eption
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
atlassian, atlassian community, loom ai, atlassian loom ai, loom, atlassian ai, record recaps of meetings, meeting recaps, loom recaps, share meeting recaps,

Loom’s guide to great meetings 📹

Join us to learn how your team can stay fully engaged in meetings without worrying about writing everything down. Dive into Loom's newest feature, Loom AI for meetings, which automatically takes notes and tracks action items.

Register today!
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Champions
Copyright © 2025 Atlassian
Privacy Policy Terms Security
Welcome illustration

Welcome to the new Atlassian Community

Online forums and learning are now in one easy-to-use experience.

By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.