OAuth troubleshooting guide
This page describes the specific OAuth errors that can be diagnosed automatically by application links and the actions you can take to correct those errors.
Application links, from version 5.2, only use OAuth authentication because of the greater security inherent in that protocol. Atlasssian doesn't recommend or support the Trusted Applications or Basic Access authentication types anymore. See OAuth security for application links for more information.
On this page:
Common OAuth errors with application links
Unrecognized OAuth consumer key
The application link was attempting to authenticate with the remote application but the OAuth credentials were rejected, either because the consumer key is stale, or it has no matching link.
You may see this error message in the Atlassian application logs:
oauth_problem=consumer_key_unknown
Possible causes | Actions you can take |
---|---|
|
|
OAuth signature rejected
The local application was unable to authenticate with the remote application.
You may see this error message in the Atlassian application logs:
oauth_problem=signature_invalid
Possible causes | Actions you can take |
---|---|
The application URL for the link does not match the URL that the remote application is reporting. |
|
Misconfigured proxy or server.xml for the application. | Check that the proxy and the application both use the same protocol (that is, HTTP, or HTTPS):
Check our Reverse proxy troubleshooting guide. |
The system clocks are not synchronized
The application link was attempting to authenticate with the remote application but the timestamps from the local and remote machines do not match. This prevents the applications from authenticating with each other.
You may see this error message in the Atlassian application logs:
oauth_problem=timestamp_refused
Possible causes | Actions you can take |
---|---|
The system clocks are not synchronized because of:
|
|
OAuth token rejected
The application link was attempting to authenticate with the remote application but the OAuth token was rejected.
You may see this error message in the Atlassian application logs:
oauth_problem=token_rejected
Possible causes | Actions you can take |
---|---|
The user has established an OAuth token before, but sometime later revoked the token on the remote end. |
|
OAuth mismatch
The application link was attempting to authenticate with the remote application but the OAuth configuration is not the same at both ends of the application link. For example, if you wish to use impersonation, then both the local and remote ends of the link must be set to use impersonation.
Unsupported OAuth level
The application link was attempting to authenticate with the remote application but the OAuth level configured for the link does not support all the available integration features. For example, your team can't see the details dialogs for the Development panel in Jira Software issues.
You need to update the application link to use 2-legged OAuth for the link.
Access denied
You are logged in to the local application using an account that does not have admin permissions on the remote application. If you don't have such an account, you may be able to:
- Obtain temporary admin permissions for the remote application.
- Find someone in your organization who does have such an account who can complete the task for you.
Error messages in the logs
You may see these error messages in the application logs:
Follow a link above to see detailed information on this page.