JIRA Server Credentials Setup - 403 Error

Questions
,
1

Currently unable to connect to JIRA from n8n.

Steps Taken:

  1. Add Credential - JIRA SW Server API

  2. Filled out E-mail, PW, and domain (https://jira.int.XXXXXXXXXXX.com/)
    Result: Received HTTP status code: 403

  3. Navigated to JIRA → System → Allowlist. Included wildcard expression https://n8n.int.XXXXXXXXXXX.com*, and allowed incoming

  4. Tested URL on JIRA page, and JIRA says that incoming connections from n8n URL are allowed.

  5. Retried from n8n, same error

I can verify that the user account is in the administrators group in JIRA, and that JIRA has failed the login attempts from n8n.

Can anybody provide any assistance or troubleshooting tips on how to get the JIRA credentials working on n8n?

n8n 1.53.2
JIRA Datacenter 9.12.5

2

It looks like your topic is missing some important information. Could you provide the following if applicable.

  • n8n version:
  • Database (default: SQLite):
  • n8n EXECUTIONS_PROCESS setting (default: own, main):
  • Running n8n via (Docker, npm, n8n cloud, desktop app):
  • Operating system:
3

Hey @KevinH_VAST,

Welcome to the community :raised_hands:

Does Jira happen to log why it thinks the credential failed? Are you possibly using MFA with Jira I suspect that could cause an issue.

4

Hi Jon,

Thank you for your reply.

Our JIRA instance does not currently use MFA for verification. If I try to log in directly to our JIRA instance, the login is handled through a Google account verification

image
image982×1082 35.7 KB

I used the same credentials provided through n8n and was able to verify that I could get in with the u/p

Kevin

5

Hey @KevinH_VAST,

Our integration will talk directly to Jira if you are using another idp like Google then I wouldn’t expect it to work at the moment as we wouldn’t try and authenticate with Google.

Does Jira have an option to bypass the SAML auth for API calls? I assume there would be some kind of setting for that.

6

Hey Jon,

That explains it. I’ll look into a way to bypass SAML auth with JIRA. If I see it I’ll post it here for posterity.

1 Like
7

I did forget to add that if I get a chance I will check the API docs as I assume there is something for this or we maybe need to add a special credential option.

8

Update on issue.

We discovered that we use miniOrange SSO on our JIRA instance.

miniOrange has a No / Skip SSO option that we tried to help N8N connect to JIRA.

image
image1133×367 22.5 KB

The following was written and added into the miniOrange settings:
https://n8n.int.XXXXXXXXXXX.com

(edit: this was also tested with https://n8n.int.XXXXXXXXXXX.com/ with the same failure result)

The allowlist in JIRA also remains the same with:
https://n8n.int.XXXXXXXXXXX.com*

We are still getting a fail login with a 403 error reported in N8N.

What is thet correct domain that N8N uses to make login requests? Am I writing that incorrectly? Also is there a console version or a more in depth way to troubleshoot why N8N is failing this login?

9

FYI for future searches:

The resolution was to put the username information in the e-mail column.

Steps taken:

  1. created test user
  • [username]
  • [pw]
  • [usr_email]
  1. Tested connection with curl -u [username]/[pw] [jira url]/rest/api/2/mypermissions
  2. created credentials in N8N with the following information:
  • Email: [username]
  • Password: [pw]
  • Domain: [jira url]

Note: if [usr_email] was used for the e-mail field, it would trigger the captcha/idp

1 Like
10

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.