Jira Align API: Curl commands fail with "401 Unauthorized" and "Bearer error="invalid_token" errors

Summary

When executing curl commands using a Super Admin's API token, from a Linux virtual machine located on the same network as the Jira Align server, a 401 error is seen when attempting to run it from the same subnet utilizing internal DNS resolution.

The command executes successfully from the Swagger UI page.

Diagnosis

Investigate for any curl format problems in the syntax of the entered command that may be causing the error 401 to happen, by changing the curl format to using single quotes instead of double quotes on the Authorization block. Also consider using the the 'whoami' command in curl on their terminal to check for inconsistencies

Try running the following tests:

1. Change the curl format using single quotes instead of double quotes on the Authorization block

2. Run the 'whoami' command on Swagger, copy, and then run on their terminal to check inconsistencies

   curl -X 'GET' \ 'https://youralignserver.jiraalign.com/rest/align/api/2/Users/whoami' \ -H 'accept: */*' \ -H 'Authorization: bearer user:6nnnn7|sCramBleD+txt'

Cause

Double quotes are being used instead of single quotes in the auth path.

Solution

Changed from double to single quotes and and test

For example:

Incorrect curl:

• curl -v -X GET "https://youralignserver.jiraalign.com/rest/align/api/2/Users/whoami" -H 'accept: application/json;odata.metadata=minimal;odata.streaming=true' -H "Authorization: bearer user:6nnnn7|sCramBleD+txt"

Correct curl:

• curl -v -X GET "https://youralignserver.jiraalign.com/rest/align/api/2/Users/whoami" -H 'accept: application/json;odata.metadata=minimal;odata.streaming=true' -H 'Authorization: bearer user:6nnnn7|sCramBleD+txt'

Note: the bearer token shown as an example in this article is not valid for any specific Jira Align instance, as placeholder text has been used to represent the token.