Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to post credentials using POSTMAN client to create a cookie based session

Tags:

rest

authentication

cookies

postman

jira

I am using postman client to make REST calls to JIRA API. It says "POST your credentials to http://jira.example.com:8090/jira/rest/auth/1/session" to get SESSION. I tried posting with Form-data, application/x-www-form-urlencoded, raw etc. Nothing worked. which is the right way to do that.

Here is the tutorial i am following: https://developer.atlassian.com/jiradev/jira-apis/jira-rest-apis/jira-rest-api-tutorials/jira-rest-api-example-cookie-based-authentication

like image 967
lch Avatar asked Jan 06 '23 05:01

lch

2 Answers

Since you're using postman, I'm assuming you're in a dev environment. In this case, it might be simpler to get going with the auth header, which is a base-64 encoded username/password. From the documentation here:

Supplying Basic Auth headers

If you need to you may construct and send basic auth headers yourself. To do this you need to perform the following steps: Build a string of the form username:password Base64 encode the string Supply an "Authorization" header with content "Basic " followed by the encoded string. For example, the string "fred:fred" encodes to "ZnJlZDpmcmVk" in base64, so you would make the request as follows.

curl -D- -X GET -H "Authorization: Basic ZnJlZDpmcmVk" -H "Content-Type: application/json" "http://kelpie9:8081/rest/api/2/issue/QA-31"

In the Headers section of Postman, add Authorization with Basic <base64-encoded-username:password>

Don't forget to also add the header Content-Type as application/json

(You can use base64encode.org to quickly encode your username/password). Don't forget to put the string in as username-colon-password (username:password)

like image 192
HeyZiko Avatar answered Jan 13 '23 14:01

HeyZiko

If you are on the same UI as I for postman, click Authorization, select an auth type (I used basic auth succesfully), and then enter your credentials. Next click over to the body tab, select raw, and on the drop down menu on the right choose JSON(applications/json), and supply the body as normal.

That is the first hurdle. The next hurdle which may be hit (and the one I am stuck on) is that once your basic-auth gets accepted, JIRA will deny access as part of Cross Site Request Forgery checks (XSRF) with a code 403. I have a ticket open right now seeing if there is a possible workaround to post and put from postman, because using postman and newman would be much much simpler than building an entire plugin which I have to jump through a bunch of hoops to access.

like image 32
Eli Evans Avatar answered Jan 13 '23 14:01

Eli Evans
Sign in to Comment

Related questions

@XmlRootElement to String
Difference between @Path and @WebServlet
Node.js Express nested resources
How can I retrieve POST data from a Jetty AbstractHandler handle() method?
Where to put favicon for a scala Spray application (i.e. what is the root of the site?)?
Django rest framework not encrypting passwords, when being logged into the database
Using RESTeasy on Tomcat
CQRS, Event-Sourcing and Web-Applications
Can i have the same path for two classes in Rest Api?
When to use Soap and when to use Rest [closed]
Is there a way to pass parameters to GET request using wrk?
Spring Security:Can not construct instance of org.springframework.security.core.userdetails.UserDetails
How to identify a user with auth0 jwt
How to impliment Cross-Origin Resource Sharing ( CORS ) in play-framework 2.5.x
Spring Data REST - Consume List of Entities, Java HATEOAS client

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!