Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Check if http basic authentication is enabled

LJLowry
LJLowry April 23, 2013

I need to verify if http basic authentication is enabled on a particular jira instance. If I run createmeta calls against the REST api I get 401 unauthorized errors, which leads me to believe that http basic is disabled since these same curl calls work against another jira instanse I have access to and I can log in using a browser.

What's the easiest way to confirm in the jira configuration that http basic authentication has been disabled?

Answer
Watch
Like Be the first to like this
10178 views

1 answer

1 accepted

1 vote
Answer accepted
Joe Clark
Joe Clark
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 23, 2013

Run curl -v http://jira-urll?os_authType=basic to see the request and response headers when accessing JIRA.

If you see this response header:

WWW-Authenticate: Basic realm="protected-area"

Then you know HTTP Basic authentication is enabled.


As far as I know, there is no way to turn off HTTP Basic authentication in JIRA. You would only be able to achieve this by installing a custom Seraph authenticator in Confluence (eg. to enable single sign-on in your JIRA instance, for example).

View More Comments
LJLowry
LJLowry April 23, 2013

Thank you! This is perfect. I believe this case is one of the Seraph authenticator having been installed, this gives me a much better understanding of what's going on.

Like
Joe Clark
Joe Clark
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 30, 2013

Oops! Sorry, I've just realised there is a mistake in my answer. You need to run curl -v http://jira-url?os_authType=basic

The parameter on the end is important in order to make Seraph challenge you for basic authentication. Sorry for the confusion and sorry I didn't pick up on this earlier! Hope I didn't waste too much of your time.

Like Johannes Millan likes this
Tanuj Agrawal
Tanuj Agrawal
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 30, 2020

Hi, I am trying to determine whether Basic Auth is enabled or not for my JIRA instance. As per other suggestion I tried below curl command

curl -v https://<JIRA-URL>?os_authType=basic

and got below headers in response.

WWW-Authenticate :Basic realm="protected-area"

WWW-Authenticate : OAuth realm="<JIRA-URL>"

I am bit confused with both Basic and OAuth being present in response.

I am getting 403 for all the REST calls being made with Basic auth even for GET

Like teodustus likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.