Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira api get all boards returns 403 forbidden

Tõnu Roosi
Tõnu Roosi November 13, 2018

Hi, I have a node js site that uses Oauth 2 to authenticate with Jira.
Followed this documentation. https://developer.atlassian.com/cloud/jira/platform/oauth-2-authorization-code-grants-3lo-for-apps/

Authentication part seems to work fine. I get the authToken and cloudId and
when I make a request to get all projects or an issue with id, then every thing works fine.
But when I try to get all issues or boards then I get the "403 Forbidden" error.

Request headers
method: "GET",
headers: {
  'Authorization': 'Bearer {access_token}' ,
  'Accept': 'application/json'
}

Request url
https://api.atlassian.com/ex/jira/{cloud_id}/rest/api/3/issue/{id} - returns issue
https://api.atlassian.com/ex/jira/{cloud_id}/rest/api/3/project- returns all projects

https://api.atlassian.com/ex/jira/{cloud_id}/rest/api/3/issue - returns 403
https://api.atlassian.com/ex/jira/{cloud_id}/rest/api/3/board- returns 403


So what am I missing here, why cant i get boards and issues?

Answer
Watch
Like Be the first to like this
7061 views

2 answers

1 accepted

1 vote
Answer accepted
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 14, 2018

Hi @Tõnu Roosi,

 

I cannot find anywhere documented that there is an endpoint to GET all the issues. The only documentation I have found for the endpoint /rest/api/3/issue is the below one and it is actually to create an issue using POST:

 

Then, same as above, there is no rest/api/3/board endpoint. The one to get all boards is actually /rest/agile/1.0/board. Find the documentation below:

 

Cheers,
Dario

View More Comments
Tõnu Roosi
Tõnu Roosi November 14, 2018

Hi Dario,

thank your for the replay.

I solved the issue problem using search.  /rest/api/3/search/?jql={search_params}
But I still have problem getting all the boards.
Unfortunately /rest/agile/1.0/board also returns the 403 error.

 

Regards,
Tõnu

Like
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 15, 2018

Can you make sure the user has Jira Software rights and access to at least one boad?

 

You can doble-check this by logging into the instance, e.g. https://something.atlassian.net, and then navigate to the same rest endpoint by pasting below url in your Internet browser address bar:

https://something.atlassian.net/rest/agile/1.0/board

Like
Tõnu Roosi
Tõnu Roosi November 15, 2018

Yes, user has Jira Software rights.
When I log into my Jira and navigate to the .../rest/agile/1.0/board then I get a list of boards as expected.

Like
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 15, 2018

Then something is going wrong when authenticating the request in the code. Can you try if this works with curl as well?

Also, do you get any error message together with the 403? 

Like
Tõnu Roosi
Tõnu Roosi November 16, 2018

Hi,
with curl it's the same.
curl -u user:pass https://something.atlassian.net/rest/agile/1.0/board returns all boards.

But
curl -H "Accept: application/json" -H "Authorization: Bearer {accessToken}" https://api.atlassian.com/ex/jira/{cloudId}/rest/agile/1.0/board returns "Forbidden 403"

No errors beside 403.

Like
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 16, 2018

Hi @Tõnu Roosi

If this is the case then you may want to either:

Like
Tõnu Roosi
Tõnu Roosi November 16, 2018

Hi,

Thanks for the advice.
I'll ask around in dev community.

Regards,
Tõnu

Like
Jason Immerman
Jason Immerman
Contributor
April 7, 2020

@Dario B @Tõnu Roosi - Calls using 3LO (OAuth2) against the rest/agile APIs (Jira Software, and not Jira Platform) are not yet supported. This took me a bit to figure out, so I wanted to post it here for clarity. It is on the Atlassian roadmap (they in fact released Confluence support for 3LO auth only a few months ago)

Like
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 8, 2020

Hi @Jason Immerman , 

I can see that indeed the documentation for Jira Sofware  says this is not supported:

 

While we have this documented for Jira Core  and Jira Service Desk:

 

But at the same time, there is below page explaining how to use Oauth2 to integrate with Jira Software:

 

I am getting in touch with DEV to get some clarity on this. I will try to update below public issues as soon as I have more details.

 

Please set yourself as a watcher to them so that you will be notified 

Cheers,
Dario

Like
Jason Immerman
Jason Immerman
Contributor
April 8, 2020

Got it, thanks for the comprehensive reply @Dario B - I am watching those issues and look forward to learning more!

Like Dario B likes this
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 8, 2020

You are very welcome @Jason Immerman ! :)

After reviewing everything I strongly believe the answer is already in the quoted text of my previous answer:

This page provides instructions on implementing OAuth 2.0 authorization and calling the builds API, deployments API and development information API.

 

The above APIs are only a subset of the ones available for JSW Cloud (below):

Therefore, I assume this is still under development and slowly the other endpoints will be added. 

However, this is the idea I got by reviewing the documentation. I have already asked the team working on this to clarify. I should get an answer in the next days.

 

Cheers,
Dario

Like
Dario B
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 14, 2020

Hello @Jason Immerman ,

I got confirmation that Oauth2 is indeed supported only for a subset of the endpoints available for Jira Software Cloud. For this reason I have opened the below feature request:

You may want to vote and watch the above feature request so that you will get notified in case of any update. The  feature will be addressed according to the Implementation of New Features Policy.

 

Cheers,
Dario

Like Yatish Madhav likes this
Jason Immerman
Jason Immerman
Contributor
April 14, 2020

Thanks @Dario B! Definitely makes my life easier to watch a single ticket. I really appreciate your help.

Like Dario B likes this
Reply
0 votes
Yatish Madhav
Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 4, 2021

Thank you for this thread and the issue you have created to watch - I am trying to use our private connect app to make REST API calls using JWT. It seems to be returning 403 for this endpoint https://developer.atlassian.com/cloud/jira/software/rest/api-group-other-operations/#api-agile-1-0-board-get - I even saw it the app/system user has permissions and it seems it does have access and SD and Software.

However when I do any request to the Cloud API, it works fine. Any idea why or what the issue is?

Thank you in advance

View More Comments
Anandhakrishnan
Anandhakrishnan June 24, 2021

Even I have a doubt,How could you solve 403 Forbidden error? Please clarify anyone.

Like Alan Nunez likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.