Problems with logging in because of missing headers or cookies

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Problem

The Confluence Data Center and Server mobile app shows one of the following errors when user tries to log in or connect the app to an existing Confluence site, or displays a desktop version of Confluence after logging in.

Can't connect to your site

This could be because the URL is wrong, you need to use a VPN, or <url> is unavailable.

Can't check compatibility

A custom filter may be preventing unauthenticated requests to your server. Talk to your admin to resolve this.

Your site is unavailable or you need to connect to your VPN or network to access it.

Cause

This error often occurs if you’re using a proxy server, which might modify the response returned to the mobile app. If the response doesn’t include all headers or cookies required by the app, you either won’t be able to log in at all or will see a desktop version of Jira instead of the mobile one.

This problem affects earlier versions of the Confluence mobile app connecting to Confluence 7.5 and earlier.

Diagnosis

To check if the mobile app returns all required headers, you can make a HEAD request with the URL: <your-instance-base-url>/server-info.action.

Show sample response...

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 HTTP/2 404 server: Apache/2.4.41 (Ubuntu) push-notification-enabled: true vary: Accept-Encoding confluence-base-url: https://confluence.atlassian.com content-type: text/html;charset=UTF-8 content-security-policy: frame-ancestors 'self' strict-transport-security: max-age=63072000; preload date: Thu, 24 Oct 2019 11:00:14 GMT x-arequestid: 660x4236x1 x-asen: SEN-500 x-asessionid: sbc7qf x-xss-protection: 1; mode=block mobile-event-supported: true mobile-supported-version: true mobile-plugin-enabled: true x-ausername: anonymous x-content-type-options: nosniff set-cookie: atlassian.xsrf.token=BS5L-D6D1-TLY9-HJM8_180be825a5962c0f012571d52bd43059e28ed795_lout; Path=/; Secure set-cookie: JSESSIONID=16920DAB51A44904479F3CA1C9AF7C0C.node2; Path=/; Secure; HttpOnly x-frame-options: SAMEORIGIN x-confluence-request-time: 1469203272054 instance-name: Confluence

Solution

If you're using the latest version of the app, and connecting to Confluence 7.6 or later, you no longer need to allowlist headers. If you're seeing the desktop view in the app, see The Confluence Data Center and Server mobile app displays a desktop version of Confluence after log in.

If you're using an older version of the app to connect to Confluence 7.5 or earlier, the response should include all of the following headers. If it doesn’t, make sure to allowlist the missing ones on your proxy server.

1 2 3 4 5 6 7 instance-name: <name> confluence-base-url: <base-url> mobile-event-supported: true mobile-supported-version: true mobile-plugin-enabled: true push-notification-enabled: true x-confluence-request-time: <integer, e.g. 1554880367304>
Updated on April 2, 2025

Still need help?

The Atlassian Community is here for you.