Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Rest API requests NOT working with any other tool than "Rest API Browser" - received 403 forbidden error

Siddhi Kalamkar
Siddhi Kalamkar August 9, 2016

I am working on REST API stuff and mainly working with "Rest API Browser" add-on.

Whenever i try to post any request from this add-on say creating test cycle, test steps etc the request gets proccessed within few mins with success code(200) however if i try to do same thing with any tool [say gatling] i am receiving an error 403-forbidden, i have rechecked all the request headers and those seems to be fine and correct.

 

I am not sure why i am not able to post the request through any other tool than "Rest API Browser" tool.

Kindly help me in getting this sorted.

Kind regards,

Siddhi.

Answer
Watch
Like Be the first to like this
1159 views

1 answer

0 votes
Jeff
Jeff
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 9, 2016

Generally if you are having problems with making REST requests that are working in one tool but not others, this would point to an authentication issue of some kind. Are you able to provide examples of the type of REST API call you are trying to make, specifically where it is working and where it is not working?

What type of authentication are you passing through in the headers when you are not using Rest API browser?

View More Comments
Siddhi Kalamkar
Siddhi Kalamkar August 9, 2016

Hi Jeff,

I want to create test plan/cycle in Jira for that I am using below JSON request:

{

           "clonedCycleId": "",

           "name": "Temp Test Cycle",

           "build": "",

           "environment": "Env",

           "description": "Creating new test cycle",

           "startDate": "",

           "endDate": "",

           "projectId": "12345",

           "versionId": "-1"

          }

and the API is: rest/zephyr/latest/cycle

also I am passing below request headers:

"User-Agent"  -> "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0",

"Accept-Encoding"  -> "gzip, deflate",

"AO-7DEABF"  -> "1v+f9MW2DCye5LYQR4YV772dXbRdUgbQG3/Ygwp2sUuPiexaqWDokYCYl0cvMWeim7M8Q91uRo9C5bjia/0bMQ==",

"Cookie"  -> "atlassian.xsrf.token=nocheck; JSESSIONID=${sessionID}",

"X-Atlassian-Token"  -> "nocheck",

"Content-Type" -> "application/json")

 

Please note i have added "X-Atlassian-Token"  -> "nocheck", in request headers because i got "XSRF Check failed error" and if i romove "X-Atlassian-Token"  -> "nocheck" the i received 403 forbidden error.

 

kindly help on the same.

 

Like
Jeff
Jeff
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 9, 2016

Apologies I am not very familiar with the Zephyr APIs as they are not a native part of the Atlassian platform. However some quick googling indicates that you may be able to pass a base64 encoded version of a username/pwd hash in the headers (as shown in this ticket https://support.getzephyr.com/hc/en-us/community/posts/200998059-Authentication-issue-in-ZAPI) which might do the trick.

I also found this resource which has some example code to get you started, and that seems to confirm my suspicion above (https://support.getzephyr.com/hc/en-us/articles/202465959-Sample-Create-a-Test-Cycle-and-Add-Existing-Tests).

Like
Siddhi Kalamkar
Siddhi Kalamkar August 10, 2016

I tried to pass all the possible headers but still received 403-forbidden..

could you please help me in identifying the mandatory authentication headers which needs to be passed?

Like
Siddhi Kalamkar
Siddhi Kalamkar August 11, 2016

HI Jeff,

The issue is related to the custom value generation in the request header of the same API which is going to use the request header with the auto-generated value [here the value is AO-7DEABF].

Could u please assist me in handling the same? I want to extract this value from request header and want to pass it in the same request header.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.