I created a plugin with a PreChainAction task that calls Jira to retrieve jira issue details.
When I initiate the build from a JIRA Version release, it works fine.
When I rerun the same build from the Bamboo screen (build results summary -> rerun build), it fails with credential errors saying ‘You do not have an authorized access token’

Details:
I call jira as follows:

jiraRestResponse = jiraRestService.doRestCallViaApplink(jiraAppLink, "rest/api/latest/search/?jql=" + jql, Request.MethodType.GET, null);

This returns a CredentialsRequiredContextException. When debugging, I see that the jiraAppLink has info that looks good in the debugger (same as when triggered from Jira).

When I call it like this:

jiraRestResponse = jiraRestService.doRestCallViaApplink(applicationLink, "rest/api/latest/search/?jql=" + jql, Request.MethodType.GET, null, TwoLeggedOAuthAuthenticationProvider.class );

It returns a different error (not CredentialsRequiredContextException, but an error from JIRA itself), saying “Field ‘fixVersion’ does not exist or this field cannot be viewed by anonymous users.”

The 'anonymous user' is a clue here I think. It looks like somehow the user is not valid/ not in the context?

Again, it works fine when I trigger the build from a JIRA release, just not when I rerun the build.

How can I make this jira call work when doing a manual re-run?