Jira Data Center DVCS link fails when connecting to cloud-based tools with 403 error
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
When trying to add a DVCS account to Jira, it fails with the error "Invalid OAuth credentials. Check Jira log for more information".
Environment
Jira Software Data Center and Bitbucket Cloud, GitHub Cloud or GitLab Cloud.
Diagnosis
Checking the logs, we'd see something that looks like this example below. This example was for Bitbucket Cloud.
1
2
3
4
5
6
7
8
2024-10-31 10:41:57,131 https-jsse-nio-8443-exec-23 url: /secure/admin/AddBitbucketOrganization.jspa; user: admin WARN admin 123x1234x1 18kmyua 10.0.0.1 /secure/admin/AddBitbucketOrganization.jspa [bitbucket.clientlibrary.request.BaseRemoteRequestor] Failed to properly execute request [GET https://api.bitbucket.org/2.0/user?oauth_nonce=f4d07682-(trimmed)&oauth_signature=abcd(trimmed)&oauth_consumer_key=XPc(trimmed)&oauth_timestamp=1730385717&oauth_signature_method=HMAC-SHA1&oauth_version=1.0]
Headers: [User-Agent: Jira DVCS Connector/6.1.4]
Params: [parameters={}]
Response code: 403
Response headers: [Server: squid/4.15, Mime-Version: 1.0, Date: Thu, 31 Oct 2024 14:41:57 GMT, Content-Type: text/html;charset=utf-8, Content-Length: 3524, X-Squid-Error: ERR_ACCESS_DENIED 0, Vary: Accept-Language, Content-Language: en, X-Cache: MISS from server123.dmz.mycompany.com, X-Cache-Lookup: NONE from server123.dmz.mycompany.com:3128, Connection: close]
2024-10-31 10:41:57,132 https-jsse-nio-8443-exec-23 url: /secure/admin/AddBitbucketOrganization.jspa; user: admin ERROR admin 123x1234x1 18kmyua 10.0.0.1 /secure/admin/AddBitbucketOrganization.jspa [spi.bitbucket.webwork.AddBitbucketOrganization] Exception while trying to fetch UUID from OAUTH credentials. Check if the credentials are correct.
com.atlassian.jira.plugins.dvcs.spi.bitbucket.clientlibrary.request.BitbucketRequestException$Forbidden_403: [HTML content]
at com.atlassian.jira.plugins.dvcs.spi.bitbucket.clientlibrary.request.BaseRemoteRequestor.checkAndCreateRemoteResponse(BaseRemoteRequestor.java:269) ~[?:?]
Cause
The outbound proxy blocked the request, and returned a 403 (Forbidden) error.
Note that the response headers for this example have some details about the proxy server, but this can vary depending on the proxy.
Solution
Make sure the outbound proxy is configured: How to Configure Outbound HTTP and HTTPS Proxy for your Atlassian application
Allow Jira to communicate with the remote application. Check Bitbucket Cloud IP addresses and domains to allowlist in your corporate firewall
Was this helpful?