oAuth app throwing error Unauthorized scope does not match

Platform Notice: Cloud Only - This article only applies to Atlassian products on the cloud platform.

Summary

oAuth app returns the following error

1 {“code”:401,“message”:“Unauthorized; scope does not match”}

Environment

oAuth apps created via https://developer.atlassian.com/console/myapps/ using Jira Cloud API

Cause

You are sending an API request via oAuth apps and it contains the following slash right before the parameter specifically "search/?"

https://api.atlassian.com/ex/jira/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx/rest/api/3/search/?

Solution

Remove the slash so that part of the URL changes from "search/?" to "search?" which results in the following end result after the slash is removed

https://api.atlassian.com/ex/jira/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx/rest/api/3/search?

this has to be removed due to a deprecation notice for the Lenient URL which can be found in the link below

https://developer.atlassian.com/changelog/#CHANGE-1320

Updated on April 24, 2025
Platform
Cloud only
Product
Jira Software Cloud
On this pageSummaryEnvironmentCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community