Reputation: 97
XSRF Check Failed on Jira Server
I am trying to call a POST (also tried a DELETE method) method of a Jira server rest api from an angular application. Unfortunately, I am getting 403 error and it's saying XSRF check failed
I tried adding X-Atlassian-Token: no-check but it does not do the trick for me. Also I tried replacing the header's value of 'User-agent' with a dummy one but I am getting
Here is the header
let headers = new HttpHeaders().set('content-type', 'application/json')
.set('X-Atlassian-Token','no-check')
.set('User-Agent','XX')
.append('Authorization', 'Basic ' + btoa(this.loginModel.username + ":" + this.loginModel.password));
I am getting completely frustrated because of this. Can anyone help me in this regard?
Upvotes: 2
Views: 2332
Answers (2)
Reputation: 19
The solution that I found to this problem is that you need to add an origin header that matches the domain that you are sending the request to. For example, if you are using Postman to send a request to https://foobar.example/ then set the Origin header to https://foobar.example/. then it should work. You can find some information about it here https://confluence.atlassian.com/kb/cross-site-request-forgery-csrf-protection-changes-in-atlassian-rest-779294918.html
Upvotes: 1
Related Questions
- Getting 404 for authentication API for Xray JIRA Cloud
- XSRF check failed when sending POST to custom rest endpoint
- Jira API POST returning (405) Method Not Allowed
- create Jira issue via REST api and jquery 405 method not allowed
- JIRA REST API cors
- Enable CORS in JIRA REST API
- JIRA Cloud REST API : Forbidden (403) error
- Unauthorized (401) while using Jira API using Postman?
- JIRA API after POST returns { errorMessages: [ 'Internal server error' ], errors: {} }
- ngnix CORS configuration for JIRA api not working