Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

401 Unauthorized : You are not authenticated Authentication required to perform this operation error

Navin Karunanithi
Navin Karunanithi July 17, 2025

There are the endpoints which when I try to access gives me the above error. 
I am testing out if the granular scopes that I have added for the application are working as the previous ones were not. I have created an app and using the Atlassian developer console to get the authorization URL.

https://auth.atlassian.com/authorize?audience=api.atlassian.com&client_id=XXXXXXXXXXXXXXXXXXX&scope=read%3Aattachment%3Ajira%20read%3Aissue%3Ajira%20read%3Agroup%3Ajira%20read%3Aboard-scope%3Ajira-software%20read%3Acomment%3Ajira%20read%3Aissue-type%3Ajira%20read%3Aproject.component%3Ajira%20read%3Aproject-role%3Ajira%20read%3Aproject%3Ajira%20read%3Aproject-version%3Ajira%20read%3Asprint%3Ajira-software%20read%3Auser%3Ajira%20read%3Aissue-worklog%3Ajira%20read%3Aapplication-role%3Ajira%20read%3...

using this URL I am able to get the authorization code and in turn able to get the access token with the required scopes, but when I try to access these below endpoints I get the 401 Unauthorized : You are not authenticated Authentication required to perform this operation error. I have admin access to the sandbox which I am using to test these endpoints, and I am using postman to test it.
I have set the access token as the bearer token.

/rest/agile/1.0/board
/rest/api/2/role
/rest/api/2/application-properties/advanced-settings
/rest/api/2/applicationrole
/rest/api/2/auditing/record
/rest/api/2/configuration
/rest/agile/1.0/board/{boardId}/epic
/rest/api/2/group
/rest/api/2/settings/columns
/rest/api/2/priority
/rest/api/2/resolution
/rest/api/2/projectCategory
/rest/api/2/issuesecurityschemes
/rest/api/2/configuration/timetracking/list
/rest/api/2/workflow
/rest/api/2/statuscategory
/rest/api/2/status

{{protocol}}://{{host}}/{{basePath}}rest/api/2/___________

protocol: https
host: sandbox.atlassian.net
basePath: I am currently setting this as jira, but it gives me 404, so I have removed this field and have used it in this format

{{protocol}}://{{host}}/rest/api/2/_______

I have used the above request format for the below endpoint and I am able to get responses with 200 OK.

/rest/api/2/issuetype
/rest/api/2/project
/rest/api/2/dashboard
/rest/api/2/filter/favourite
/rest/api/2/field
/rest/api/2/field
/rest/api/2/issueLinkType
/rest/api/2/permissions
/rest/api/2/project/type

I would really appreciate it if someone can point out what I am missing or if there is a better way to make this work. Thank you for time.

 

Answer
Watch
Like John Funk likes this
288 views

2 answers

2 votes
Yogesh Mude
Yogesh Mude
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 17, 2025

@Navin Karunanithi  Welcome to the community!

If you are using the postman and sending the GET/POST request and added the basic authorization then i thing you just need to provide the your email address as a username and password as a token. So can you check without the Bearer once

View More Comments
Navin Karunanithi
Navin Karunanithi July 18, 2025

@Yogesh MudeThank you for your reply. I want to check if the access token generated with updated granular scopes is able to access the objects. Using basic authentication via username and password would not fit my use case.

Like
Yogesh Mude
Yogesh Mude
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 18, 2025

Okay, Can you check with/without scope token and assuming you are using Berer Token in authorization, if so, then try convering token to base64 encoding and check.

Like
Navin Karunanithi
Navin Karunanithi July 21, 2025

@Yogesh Mude: I tried what you suggested, by having email as the username and the token generated as the password, then performed base64 encoding. But it still return 401 error with Client must be authenticated to access this resource.

I have tried using the developer console to create an app, added scopes and then authorized it to the sandbox for which I have admin permissions. I have added the generated access token as bearer token and also tried it as basic authentication by adding it with email as the username and the token the password, then performed base64 encoding but still facing this 401 issue.

I have also tried creating an API token using https://id.atlassian.com/manage-profile/security/api-tokens selected the JIRA scopes and added required scopes to test it. For this too i have added them as bearer also as the mentioned basic authentication but it was the same.

I have tried it in curl as well. This is the sample curl : 

curl --location 'https://companyname-sandbox-180.atlassian.net/rest/api/2/workflow' \
--header 'Accept: application/json' \
--header 'Authorization: Basic xxxxxxxxxxxxxx' \
--header 'Cookie: atlassian.xsrf.token=xxxxxxxxxxxxxxxxxx'

I am getting "You are not authenticated. Authentication required to perform this operation" for api/2/statuscategory and "Client must be authenticated to access this resource" for the above mentioned objects in the post.

 

Like
Yogesh Mude
Yogesh Mude
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 21, 2025

@Navin Karunanithi  ahh. wait as you stated below..

 I tried what you suggested, by having email as the username and the token generated as the password, then performed base64 encoding. But it still return 401 error with Client must be authenticated to access this resource.

If you are trying to use Auto type as Basic Auth then please username as your email address and Password as your token...here you dont need to use either Berer or dont need to base64 encoding.

image.png

Like
Yogesh Mude
Yogesh Mude
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 21, 2025

@Navin Karunanithi  Are you a site-admin or a normal user? and do you have the correct access permission. It seems you dont have the correct permission to access the workflow.

Can you try to access any single isue data as i shown in my earlier snap? and check if that success? 

Like
Navin Karunanithi
Navin Karunanithi July 21, 2025

@Yogesh MudeThanks for your reply.

I have created a new issue in the sandbox, for which I believe I have been given admin access to. Please refer to the below image. This was the image shared to me by the person who manages Jira when asked for sandbox admin access.

 

Screenshot 2025-07-21 at 16-53-44 INFRA-3796 Need Admin access for Jira Sandbox - JIRA.png

I tried to access this issue and some pre-existing issues as well, but I was not able to.

Screenshot 2025-07-21 at 4.50.48 PM.png

Like
Yogesh Mude
Yogesh Mude
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 21, 2025

@Navin Karunanithi  Can you please check the work item you are trying to access ie KAN-2, does you have the access to that project browse work item permission and also can you ask the person to grant you jira product license so you should be added to jira-<site-name>-users group and then try.

Also, can you try to access <site-url>/rest/api/3/issue/KAN-2 on the browser directly? and check if you get the results there.

Like
Navin Karunanithi
Navin Karunanithi July 21, 2025

@Yogesh MudeI am able to access the issue KAN-2 via browser directly. I can see the response has all the fields such as issue_type, project and statuscategory etc.

Yes, I do have access to the project in which this issue is present.

can you ask the person to grant you jira product license so you should be added to jira-<site-name>-users group and then try.

Let me try this.

 

Like
Reply
0 votes
Navin Karunanithi
Navin Karunanithi July 21, 2025

image.png

@Yogesh MudeI have tried using Basic Auth with email as username and the token and password. Postman itself converts to base64 when using basic authorization.

I have also tried using the token as bearer token. However, I still am not able to access the endpoints.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security