Error 403 Forbidden when accessing Jira Align API from Jira

Platform Notice: Cloud and Data Center - This article applies equally to both cloud and data center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

When attempting to access the Jira Align REST API from Jira (for example, when running a Jira Automation rule to perform user updates in Jira Align), users encounter a 403 error code. The logs indicate that the error is returned by Cloudflare with the code 1006. This article addresses the potential causes and solutions for this issue.

Diagnosis

  • Users receive a 403 Forbidden error when making API calls from Jira to Jira Align

  • Cloudflare logs show error code 1006

    • This can be checked only on the back end side of Jira Align. The Support team is able to validate it.

Cause

The main reason for the error 403 is likely that the IP addresses used by the Jira Data Center have not been whitelisted in Cloudflare (Jira Align). This lack of whitelisting prevents successful API requests to the Jira Align API, which is protected by Cloudflare.

Solution

  1. Whitelist IP Addresses:

    • Ensure that the IP addresses used by the Jira Data Center are whitelisted in Cloudflare. This involves coordinating with the Atlassian support team to update the allowlist for the Jira Align environment.

    • Note that → IPs to be whitelisted for test and production environments should be provided to Atlassian support.

  2. Verify Network Configuration:

    • Confirm that there are no outbound firewall rules in the Jira Data Center environment that might be blocking the API requests.

    • Ensure that the API calls conform to the expected formats and authentication requirements as per the Jira Align API documentation.

      • More Jira Align API details in the Jira Align Swagger → your-jira-align-instance.atlassian.com/rest/align/api/docs/index.html

  3. Testing and Validation:

    • After whitelisting the IPs, perform a test API call to verify successful connectivity. Use tools like Postman or cURL to simulate the API requests and check for a 200 OK response.

      • Use the simple endpoint "whoami" to check this connectivity. The endpoint would be:

      • 1 https://YOUR-JIRA-ALIGN-INSTANCE.jiraalign.com/rest/align/api/2/Users/whoami

    • Monitor the API calls to ensure they reach the Jira Align environment without being blocked by Cloudflare.

Updated on April 15, 2025
Platform
Cloud and Data Center
Products
Jira Align Cloud
Jira Align Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community