Troubleshoot "Invalid Jira account" issue with Jira Integration

Resolving permission issues with the Jira API key involves a systematic approach to ensure that all aspects of authentication, user permissions, and API configuration are correctly set up. Follow these steps to troubleshoot and resolve the issue:

1. Confirm Jira Deployment Type

·     Jira Cloud Deployment: Ensure your Jira instance is a Cloud deployment. The integration is only supported for Jira Cloud and is not compatible with On-Premise (Server/Data Center) instances.

2. Validate the Jira URL Format

·     Correct URL Format: Ensure the Jira domain URL follows the correct format:

o     Correct: https://[your-domain].atlassian.net

§     Example: https://example.atlassian.net

o     Incorrect: Avoid adding extra paths like /jira or subdirectories.

§     Example of incorrect format: https://example.atlassian.net/jira

3. Verify the Jira API Key

·     Use the Correct API Key: Ensure the API key used for authentication is accurate.

·     Create or Manage API Tokens:

1. Navigate to Jira profile > Manage account > Security > Create and manage API tokens.
2. Generate a new token or use an existing one.

·     Check Token Permissions: Confirm the API token has the necessary permissions for the API endpoints being accessed.

·     Associate API Key with the Correct Email: The API key must be created using the email ID linked to your Jira account.

For more detail, refer to this link: Manage API Tokens

4. Check User Permissions

·     Admin User Permissions: The admin user linked to the API key must have the required permissions in Jira to perform the requested actions.

·     Steps:

1. Go to Jira Administration > User Management and verify the user's permissions.
2. Ensure the admin user is part of the jira-administrators or jira-system-administrators group.
3. Ensure the admin user has the necessary project roles (e.g., Administrator, Developer).

·     Add Missing Permissions: If the admin user lacks these permissions, add the user group and project roles.

For more detail, refer to this link: Jira User and Group Permissions

5. Validate Project Roles and Permissions

·     Project-Level Permissions:

1. Go to the project in Jira > Project Settings > Permissions.
2. Verify the user or group has the necessary permissions for the actions being performed via the API.
3. Confirm the admin user has the following project roles:

§     Administrators: Full access to the project and its APIs.

§     Browse Projects: Required to access project-related APIs.

§     Edit Issues: Required to modify issues via the API.

§     Create Issues: Required to create issues via the API.

§     Delete Issues: Required to delete issues via the API.

·     Add Missing Permissions: Edit the project roles to assign the missing permissions.

For more detail, refer to this link: Manage Project Permissions

6. Review Global Permissions

·     Global Permissions: Some actions may require global permissions.

·     Steps:

1. Go to Jira Administration > Global Permissions.
2. Verify the admin user has the following global permissions:

§     Jira System Administrators: Full access to all Jira features and APIs.

§     Jira Administrators: Access to most administrative functions and APIs.

§     Browse Users: Required to access user-related APIs.

§     Create Shared Objects: Required for certain API operations.

§     Manage Group Filter Subscriptions: Optional but useful for some API operations.

·     Assign Missing Permissions: If the admin user lacks these permissions, assign them by selecting the user or group and updating the permissions.

For more detail, refer to this link: Manage Global Permissions

7. Test with a Different User

·     Higher-Permission User: Test the API with a user who has higher permissions (e.g., an admin) to determine if the issue is related to user permissions.

8. Contact Jira Administrator

·     Seek Assistance: If the issue persists, contact your Jira administrator to verify permissions and API access settings.

9. Example: Testing API Access

Step 1: Get Your Base64 Encoded String

1. Combine your Jira email and API token in the format email:API_TOKEN.
2. Encode this string using Base64:

echo -n "email@example.com:API_TOKEN" | base64

Replace email@example.com with your Jira email and API_TOKEN with your Jira API token.

Example:

echo -n "john.doe@example.com:abc123" | base64

Output:

am9obi5kb2VAZXhhbXBsZS5jb206YWJjMTIz

Step 2: Run the curl Command

curl -X GET \

-H "Authorization: Basic <BASE64_ENCODED_STRING>" \

"https://<your-domain>.atlassian.net/rest/api/3/issue/<issue-key>"

Replace the placeholders:

·     <BASE64_ENCODED_STRING> with the Base64 string from Step 1.

·     <your-domain> with your Jira domain (e.g., mycompany.atlassian.net).

·     <issue-key> with the issue key you want to access (e.g., PROJ-123).

Example:

curl -X GET \

-H "Authorization: Basic am9obi5kb2VAZXhhbXBsZS5jb206YWJjMTIz" \

"https://mycompany.atlassian.net/rest/api/3/issue/PROJ-123"

Step 3: Interpret the Response

·     Success: If the request is successful, you’ll receive a JSON response with details about the issue.

·     Error: Common errors include:

o     401 Unauthorized: Invalid credentials.

o     404 Not Found: Incorrect issue key or domain.

o     403 Forbidden: Insufficient permissions to access the issue.

Step 4: Troubleshooting

1. 401 Unauthorized:

o     Double-check your email and API token.

o     Ensure the Base64 encoded string is correct.

2. 404 Not Found:

o     Verify the issue key (e.g., PROJ-123) is correct.

o     Ensure the domain (e.g., mycompany.atlassian.net) is correct.

3. 403 Forbidden:

o     Confirm that your Jira account has the necessary permissions to access the issue.