Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Basic auth with passwords is deprecated #46

Open
tandrewnichols opened this issue Jan 5, 2021 · 5 comments
Open

Basic auth with passwords is deprecated #46

tandrewnichols opened this issue Jan 5, 2021 · 5 comments

Comments

@tandrewnichols
Copy link

I was really excited when I found this lib, but after running jira config and entering my credentials, I was getting "No issues" when running jira ls. Added some logging and found that a 401 is being returned with the message Basic authentication with passwords is deprecated. For more information, see: https://confluence.atlassian.com/cloud/deprecation-of-basic-authentication-with-passwords-for-jira-and-confluence-apis-972355348.html. Following that link, it says that change was June of 2019, although there is development and (unrelated) issues opened here since then, which makes me think it's been working for people. I tried swapping my password with an API token just to see if that would work, but it did not.
@danshumaker
Copy link
Owner

Hi @tandrewnichols , we definitely use the API token for jira authentication and not passwords. And yes it still works. At one time we did use passwords, but in the config file you should see something like this:

config-example

@tandrewnichols
Copy link
Author

Hmm, I guess I need to try it again.

@cruinh
Copy link

cruinh commented Jan 27, 2021
edited
Loading

I'm having basically the same issue. My config file has the right url, user and I can see a token there, but jira ls returns "No issues".

I haven't tried adding logging, per se, but using the -v flag, I was able to see get the URL jira-cli is using when I run jira ls. If I copy and paste that URL into my browser, where I'm already signed in to JIRA, the URL returns results, but jira ls doesn't. I was kinda assuming SSO is to blame, since my company has that set up on our JIRA account. Does jira-cli support having SSO enabled on the Atlassian account?

[update]
... I managed to get things working for me. I ultimately had to follow this document to create an API Token. Then I ran jira config, used my email as the username and my token as the password.

@shorttompkins
Copy link

shorttompkins commented Jan 29, 2021
edited
Loading

Im having the same issue - ive created the API token, updated my jira-cli/config.json to ensure that my url, user, and token are correct, and just cant get jira ls to work locally - but pasting the url into a browser works (since Im signed in via SSO already in Chrome). Ive tried replicating the request that the cli does by pasting the url into Postman and including an Authorization: Basic ### header and thats when I get the same url about passwords being deprecated that was originally posted in this Issue.

edit: OK I actually figured out what the problem was: the API token that Atlassian generates isn't enough alone, you need to actually base64encode your emailaddress:token and enter that into your ./jira-cli/config.json like their docs show here: curl --user me@example.com:my-api-token. After I replaced my token value in my config with this new encoded value jira ls works ;)

@martinsantibanez
Copy link
Contributor

The solution for me was to go to https://id.atlassian.com/manage-profile/security/api-tokens, generate a token and paste it in config.json / auth.token

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@cruinh @danshumaker @tandrewnichols @shorttompkins @martinsantibanez