Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

403 not authorized when connecting to API with scoped token

David Soucie
David Soucie
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 24, 2025

I am attempting to write a CustomGPT that will combine data from several sources, one of which is confluence.  

If I go to https://id.atlassian.com/manage-profile/security/api-tokens and generate a token without scopes, encode it with my username and use it in the request, it works fine, but if I try and limit the scopes in any way, it returns a 403.

I don't think the issue is the baseURL or pageID I'm providing because it works with an an unscoped token, but doesn't work with a scoped token

Answer
Watch
Like # people like this
79 views

4 answers

3 votes
Jayesh Raghuvanshi
Jayesh Raghuvanshi
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 26, 2025

@David Soucie 

Scoped API tokens in Confluence Cloud only work via the Atlassian platform domain and require your site’s cloudId, so calling your site URL with a scoped token returns 403 even though an unscoped (classic) token works against the site URL. Use https://api.atlassian.com/ex/confluence/{cloudId}/… with Basic auth (email:scopedToken) and ensure the token includes the scopes needed for the endpoint you’re hitting.

 

Base URL: https://api.atlassian.com/ex/confluence/{cloudId}/… with Basic auth, using email:scoped_token (curl -u) or Authorization: Basic base64(email:token)

 

Example (audit log):
curl --request GET --url 'https://api.atlassian.com/ex/confluence/<cloudId>/wiki/rest/api/audit' --user 'your_email:scoped_api_token' --header 'Accept: application/json'

 

Get it from your site: https://your-site.atlassian.net/_edge/tenant_info returns {"cloudId":"<id>"} which you then place in the platform URL path

 

Thanks
Jayesh R

Reply
1 vote
marc -Collabello--Phase Locked-
marc -Collabello--Phase Locked-
Community Champion
October 24, 2025

Scoped and unscoped tokens use different urls.  Unscoped use yourinstance.atlassian.net, and scoped use api.atlassian.com.

Reply
0 votes
Benjamin Anderson
Benjamin Anderson
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 26, 2025

403 with a scoped token usually means it lacks the required permissions for that API call. Make sure all necessary scopes for Confluence are included.

Reply
0 votes
Thiago P _Atlassian Support_
Thiago P _Atlassian Support_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 24, 2025

Hey there @David Soucie ,

Complementing on what @marc -Collabello--Phase Locked- mentioned, the URL used for scoped API tokens is the following:

https://api.atlassian.com/ex/confluence/<cloud-id> --user user@domain.com:api-token

For further details, make sure to review Manage API tokens for your Atlassian account.

Hope this helps! =]

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security