Getting "Invalid OAuth credentials" when registering a Jira Software Cloud site in Bitbucket Data Center

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

The customer is unable to use the OAuth credentials to connect Bitbucket to Jira Cloud because they are getting Invalid OAuth Credentials.

(Auto-migrated image: description temporarily unavailable)

Environment

Bitbucket Data Center 7.14 to 8.0

Diagnosis

The problem is reproduced by doing the following steps:

  1. Generate OAuth Credentials from Jira Cloud

    • Add one or more permissions except for Development information

  2. Go to Bitbucket Data Center's Jira Cloud Integration page (Administration > System > Jira Cloud Integration)

  3. Click on Register site

  4. Add the credentials generated from step 1 and save.  An error is displayed. 

  5. The debug logs show the following:

1 2 3 4 5 6 7 8 9 10 11 12 13 DEBUG [http-nio-22110-exec-6] bitbucket @19X73F5x939x153x0 e615o1 0:0:0:0:0:0:0:1 "POST /rest/jira-dev/latest/jira-site-config HTTP/1.1" c.a.s.i.r.e.ServiceExceptionMapper Mapping ServiceException to REST response 400 com.atlassian.stash.internal.jira.cloud.config.exception.InvalidOauthCredentialException: Invalid OAuth credentials at com.atlassian.stash.internal.jira.cloud.config.service.DefaultJiraSiteConfigService.validateOauthCredentials(DefaultJiraSiteConfigService.java:232) at com.atlassian.stash.internal.jira.cloud.config.service.DefaultJiraSiteConfigService.create(DefaultJiraSiteConfigService.java:85) at com.atlassian.stash.internal.jira.rest.JiraSiteConfigurationResource.create(JiraSiteConfigurationResource.java:46) .. .. Caused by: com.atlassian.stash.internal.jira.http.client.exception.HttpClientException: Forbidden at com.atlassian.stash.internal.jira.http.json.DefaultHttpRequestExecutor.lambda$null$3(DefaultHttpRequestExecutor.java:74) at com.atlassian.httpclient.api.ResponsePromiseMapFunction.apply(ResponsePromiseMapFunction.java:49) at com.atlassian.httpclient.api.ResponsePromiseMapFunction.apply(ResponsePromiseMapFunction.java:10) at io.atlassian.util.concurrent.Promises$OfStage.lambda$fold$4(Promises.java:332) at io.atlassian.util.concurrent.Promises.lambda$biFunction$7(Promises.java:422)

Cause

The OAuth Credentials were created without the Development information permission set.

Solution

  1. In Jira Cloud, locate the OAuth Credential and edit it

  2. Add the Development information permission

  3. Save the credential

  4. Register the Jira Cloud site in Bitbucket again

Alternatively, upgrading to 8.1.0 or higher addresses this issue without having to add the Development information permission.

Reference: BSERV-18773 - Registering a Jira Cloud site with valid OAuth credentials returns an error "Invalid OAuth credentials"

Updated on March 17, 2025
Platform
Data Center only
Product
Bitbucket Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community