How to make use of a cookie to get logged through the browser?

Still need help?

The Atlassian Community is here for you.

Ask the community

DEPRECATED - Does not work anymore

(warning) (error) Basic authentication with userrname and password and Cookie authentication have been deprecated in Cloud. For details see:


Purpose

Sometimes users need to access their accounts without the need to actually type their passwords. This KB intention is to show how to acquire a cookie using REST API and then re-utilize the same cookie to log in to Atlassian Cloud platform without the need to type a password.

Solution

  • Open a terminal window or install Postman extension on your browser.
  • The following command will save your cookie information into a file called cookie.txt remember where you saved that.
  • The first command below can be executed in the terminal or Postman, for the username value you can use either your email or your registered username.

    cURL to acquire a cookie
    Calling the /rest/auth/latest/session endpoint using cURL to acquire the cookie
    
    curl -D- -H "Content-Type: application/json" -c cookie.txt -d '{"username":"XXXXXX", "password":"XXXXXX" }' -X POST https://instance.atlassian.net/rest/auth/latest/session
  • After you have gathered the cookie for your user session, you may want to test by fetching an issue from your JIRA Cloud, execute the second command and replace the issue key with a valid one.


    cURL to fetch an issue from Jira
    You can test if your cookie is valid by checking an issue with the following command
    
    curl -D- -H "Content-Type: application/json" -b cookie.txt -X GET https://instance.atlassian.net/rest/api/2/issue/ABC-12345


    With that done, you can move to the second phase


  • Open your browser, and copy and paste your cloud instance URL, after you hit enter you will be redirected to our identity portal
  • There you will need to open the browser developer console and click on the network tab.
  • Observe in the network tab a GET request to https://id.atlassian.com/login look for an entry like this cookie: atlassian.account.xsrf.token=123456787; atlassian.account.ffs.id=123454566787890c; ajs_user_id=null; ajs_anonymous_id=11234567890
  • Now, to edit that in Chrome, for instance, you need to install an extension like Tampermonkey, however, if you are using Firefox you just need to click in the request with the right button of the mouse and select Edit and Resend
  • In case you are using Firefox, you just need to go the cookie entry in the Request Headers section, at the end of the line, place a semicolon ( ; ) and hit space bar, after that copy and paste the cloud.session.token= placing the cookie token after the equal sign.
  • Click send and you will receive a redirection link with https://id.atlassian.com/login?token=token copy that and paste into the browser URL navigator bar and hit enter.
  • The browser will make use of the cookie token session and automatically get you into the application.


Related Content



Last modified on Jul 10, 2019

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.