Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

"Issue does not exist or you do not have permission to see it." -Postman REST API

Cameron Loperfido
Cameron Loperfido
Contributor
July 20, 2023

Hi all, I cannot get past this 404 error.

  • The account I'm using is the org admin.
  • I can view the data by entering the url into edge.
  • I've tried creating new api keys.

I am at a loss, please help.

image.png

Answer
Watch
Like Be the first to like this
2148 views

3 answers

1 accepted

3 votes
Answer accepted
Cameron Loperfido
Cameron Loperfido
Contributor
August 1, 2023

There are two places to generate APIs within the Atlassian cloud environment.

  1. https://id.atlassian.com/manage-profile/security/api-tokens:
    -For APIs specific to user access.
  2. Atlassian Administration -> Setttings -> API Keys:
    -For APIs that manage the org.

 

I was trying to use the later, not realizing the former existed..

Reply
0 votes
Edvin Beqari
Edvin Beqari April 11, 2025

Perhaps, it will help someone but in my case - I had quotes around the token - and they were being read in. Once removed - it all worked. 

Reply
0 votes
Hyrum Steffensen {Appfire}
Hyrum Steffensen {Appfire}
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 20, 2023

Hello Cameron,

This is an interesting issue. I tried the following curl and was able to reproduce your results (the 404 error).

curl -v -u "user:pass" \
--url "http://localhost:8080/rest/api/3/issue/DEMO-1"

I then changed the API version to 2 and it worked as expected.

curl -v -u "user:pass" \
--url "http://localhost:8080/rest/api/2/issue/DEMO-1"

This is a bit curious as I have never come across this before. I checked the Atlassian documentation and both version 2 and 3 support the same authentication. According to the documentation, the difference in versions should not make any difference when it comes to authentication.

https://developer.atlassian.com/cloud/jira/platform/rest/v3/intro/#version

When I compare the verbose response from the curl, the only difference I see that sticks out is the "content security policy".

Screenshot 2023-07-20 at 6.04.15 PM.png

I tried this using a different Jira version (going from Jira 8.22.6 to 9.4.2) and neither version worked. However, I still see the "self" content security policy when the curl request does not work. I searched Google for "jira rest content security policy" and am seeing some interesting results. I believe this would be the place to start.

See this Atlassian documentation on Jira security headers. I believe this will resolve the issue.

https://confluence.atlassian.com/jirakb/security-headers-in-jira-939919914.html

Here are some suggested troubleshooting steps:

  • Try a different API version.
  • Try an older version of Jira.
  • Export the Postman content to curl and try the curl verbose flag.
  • Compare the verbose success response with the verbose failing response using git diff (or a similar feature in an IDE).
  • Google "jira rest content security policy" for other ideas

Please let me know how it goes!

Hyrum

View More Comments
Cameron Loperfido
Cameron Loperfido
Contributor
July 21, 2023

Thank you so much for your response Hyrum! Unfortunately I am new to postman and API calls. I tried changing the get request to rest/api/2/, with no luck. I am using cloud so I cannot change the version of the Atlassian environment.

I'm not sure what you are asking here,

  • "Export the Postman content to curl and try the curl verbose flag."

But. I know what curl is and where to find the code snippet in postman, and what Atlassian recommends.

Like
Hyrum Steffensen {Appfire}
Hyrum Steffensen {Appfire}
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 21, 2023

Sure thing, Cameron!

If you are using Jira Cloud, then none of the troubleshooting steps I suggested above apply. I tried a basic REST call using Postman to my Jira Cloud test instance and the only way I could make it not work was to pass incorrect authentication. Try creating a new API key and test again.

When using curl, the verbose flag is useful in troubleshooting because it returns additional information you normally would not see. Here is what it looks like:

curl -v

Here is what my curl looks like after I exported it from Postman.

curl --location 'https://<BASE_URL>.atlassian.net/rest/api/2/issue/EX-1' \
--header 'Authorization: Basic CALCULATED_HASH'

Long story short, I think your Postman configuration is just fine. Check the authentication.

Hyrum

Like
Cameron Loperfido
Cameron Loperfido
Contributor
August 1, 2023

Turns out, I was trying to apply the org management API key from Atlassian Admin, not the one from my own Atlassian account. We got there, Hyrum! Thanks again for trying to help.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.