Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Unauthorized Error (401) When Using "Get All Application Roles" Endpoint in Jira REST API

Vasilis Kokotakis
Vasilis Kokotakis January 16, 2025

Hey community,

I’ve created an app through the Atlassian Developer Console using OAuth 2.0.

I successfully followed all the steps and retrieved a working token. I’m able to use most of the endpoints listed in the Jira REST API documentation without any issues.

However, I’m facing a problem with the following endpoint:

Get All Application Roles API Documentation Link

When I try to access this endpoint, I receive the following error:

{
    "code": 401,
    "message": "Unauthorized; scope does not match"
}

I noticed that this endpoint does not specify any recommended scope in the documentation. To troubleshoot, I added all granular scopes related to roles in my app, but the issue persists.

Does anyone have any suggestions or know how to resolve this?

Thanks in advance!
VK

Answer
Watch
Like Be the first to like this
224 views

1 answer

1 accepted

0 votes
Answer accepted
Pavel Junek
Pavel Junek
Community Champion
January 21, 2025

Hi Vasilis,

Welcome to Atlassian Community!

The error "Unauthorized; scope does not match" typically means that the OAuth token you are using lacks the necessary permissions (scopes) to access the Get All Application Roles endpoint. However, in your case, the documentation for this endpoint not specifying a recommended scope adds to the confusion.

I think there is possible problem with "Free Cloud Plan".

Limitations of OAuth 2.0 in Free Plan

Some administrative APIs (like roles management) may be restricted to API tokens created by a user with administrative permissions. OAuth apps might not have access to certain endpoints regardless of scopes, especially on free plans.

Workaround:

If you're on a free plan:

  1. Create a personal API token in Jira Cloud:
    • Go to Jira SettingsPersonal SettingsAPI Token.
    • Use this token with Basic Authentication for your API requests.
    • For example:
      ruby
      Authorization: Basic <Base64EncodedEmail:APIToken>

The Get All Application Roles endpoint might not be available on the Free Plan of Jira Cloud because some administrative endpoints are restricted to paid tiers. Double-check the Free Plan limitations in the Atlassian Jira Pricing.

 

Pavel

View More Comments
Vasilis Kokotakis
Vasilis Kokotakis January 26, 2025

@Pavel Junek Hey Pavel, Yes you are right. Using Basic Auth, this endpoint works fine.

Thanks for your usefull input.

Vasilis

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.