Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Unauthorized while linking changeset from SCM to JIRA using REST API

Questions
Tags
Users
Badges
Swathi sheshadri
(132114) Nov 17 '25, 4:51 a.m.

Hello Team,

I am working on ewm scm to jira changeset linking -> I am getting 401 unauthorized through script, but as soon as i do the same steps manually and then try it through script it returns 200. Below is my code - I am using basic authentication: Kindly let me know if you have tried different approach. ( However, i am able to create link from JIRA to scm but back link i am unable to create due to authentication)

public Boolean createLink(String jiraUrl) {

#####

String linkEndpoint = fTeamRepository.getRepositoryURI()

+ "service/com.ibm.team.scm.common.internal.rest.IScmRestService2/addChangeRequests";

String responseBody = "changeSetItemId=" + fChangeSet.getItemId().getUuidValue() + "&targetOslcResourceUris="

+ URLEncoder.encode(jiraUrl) + "&targetLabels=" + "Test%20scm%20to%20jira%20linking"

+ "&targetRepoIds=&targetRepositoryURIs=";

HttpURLConnection linkConn = (HttpURLConnection) new URL(linkEndpoint).openConnection();

linkConn.setRequestMethod("POST");

byte[] decodedBytes = Base64.getDecoder().decode(encodedKey.trim());

String pswd = new String(decodedBytes);

String auth = fTeamRepository.loggedInContributor().getUserId() + ":" + pswd;

String encodedAuth = Base64.getEncoder().encodeToString((auth).getBytes());

linkConn.setDoOutput(true);

linkConn.setInstanceFollowRedirects(true);

linkConn.setRequestProperty("Authorization", "Basic " + encodedAuth);

linkConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");

linkConn.setRequestProperty("accept", "text/json");

linkConn.setRequestProperty("x-requested-with", "XMLHttpRequest");

linkConn.setRequestProperty("X-Jazz-CSRF-Prevent", "1");

//linkConn.setRequestProperty("Cookie", cookies);

try (OutputStream os = linkConn.getOutputStream()) {

byte[] input = responseBody.getBytes("utf-8");

os.write(input, 0, input.length);

}

int responseCode = linkConn.getResponseCode();

String responseMsg = linkConn.getResponseMessage();

System.out.println("Response: " + responseCode + " " + responseMsg);

####

}

0 votes

1 answer
301 views
0 votes

One answer

Permanent link
Ralph Schoon
(565) Nov 17 '25, 5:53 a.m.
You are not properly authenticated. For how authentication works, see: https://rsjazz.wordpress.com/2021/10/15/elm-authentication/ .
The "X-Jazz-CSRF-Prevent" header must contain the content of the JSESSIONID cookie for write operations. 

1 vote

Comments
Swathi sheshadri
Nov 27 '25, 1:45 a.m.

Hello Ralph, thank you for your prompt answer. The script is working fine now on Jenkins trigger for daily even after I have hardcoded value of JSESSIONID in the header.

Ralph Schoon
Nov 27 '25, 3:14 a.m.

You get the JSESSIONID cookie during the login process. You are NOT suggested to invent an arbitrary valuer and put it there. This might bite you in the future.

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 11,085
× 7,603
× 1,732
× 1,432
× 383

Question asked: Nov 17 '25, 4:51 a.m.

Question was seen: 301 times

Last updated: Nov 17 '25, 5:53 a.m.

Confirmation Cancel Confirm