Hey all, not sure where my last post went, but I have an API issue where we're calling for a project via Adobe WorkFront and JIRA Cloud is returning "The value '{project_key}' does not exist from the field 'project'."
I see this project in a list of projects when I query the API, so I know it's there, not sure it will not return for Workfront.
Let me know if there is more information I can provide.
Welcome to the Atlassian Community!
One very quick one to check to start with - does the user you are using to try to read Jira Cloud have the "browse project" permission for the "missing" project? If they can't see the issues in the project, you can get "this project does not exist" in the response!
Thanks for the response!!
I thought it might be the perms as well, so, just to test, I set the user at Admin level in the project just to verify if it was indeed perms issue and I still get the same error.
I can select another project and it works just fine, it's just this one project.
It's not using any special schemes outside the ordinary.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Mmm, this catches out a lot of people - admin means admin, not "can do anything" or project permissions. Making them an admin might not give them browse project.
You have to check the permission scheme - to whom does it grant "browse project"? And is that user included by the rule?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I added a few more permission groups and this seems to have solved the issue. Better error messages would help here as well.
Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, it would be better for a message of "project does not exist, or you cannot see it". (You don't want to leak information by saying "project exists, but you're not allowed in", it should not give away that the project exists)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
"Permission Denied" is acceptable, it's generic and can mean you don't have perms to the company, board, project, other things and does not really risk much, but for those of us doing work like this, it would have made this a lot easier to troubleshoot.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
No, because you've now told your attacker that the project exists.
Unless you change all the messaging to "permission denied", irrespective of whether it's the permissions or the non-existence of the project.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
True, but if an attacker has gotten this far, you have a LOT more issues than this. :)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Um, why? Anyone can issue a REST call to look at a project on a Cloud system. They could get this far in the first attempt, just by reading the docs or Community posts.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Dennis Christilaw I'm also facing the same issue, so could you please provide the privileges assigned when this issue was faced?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
They added "browse project" for the user they were using
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Online forums and learning are now in one easy-to-use experience.
By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.