Problems with logging in because of missing headers or cookies
This article only applies to Atlassian's server products. Learn more about the differences between cloud and server.
The Jira Server mobile app shows one of the following errors when user tries to log in or connect the app to an existing Jira site, or displays a desktop version of Jira after logging in.
Can't connect to your site
This could be because the URL is wrong, you need to use a VPN, or <url> is unavailable.
Can't check compatibility
A custom filter may be preventing unauthenticated requests to your server. Talk to your admin to resolve this.
Your site is unavailable or you need to connect to your VPN or network to access it.
We're missing something
This app needs Jira 8.3 or later.
If you’re already running Jira 8.3, ask your admin to install or enable the Jira mobile plugins so you can use this app.
Problems with logging in often occur if you’re using a proxy server, which might modify the response returned to the mobile app. If the response doesn’t include all headers or cookies required by the app, you either won’t be able to log in at all or will see a desktop version of Jira instead of the mobile one.
To check which headers are returned by the mobile app, you can make a HEAD request with the URL:
HTTP/2 404 server: Apache/2.4.41 (Ubuntu) push-notification-enabled: true vary: Accept-Encoding jira-base-url: https://jira.atlassian.com content-type: text/html;charset=UTF-8 content-security-policy: frame-ancestors 'self' strict-transport-security: max-age=63072000; preload date: Thu, 24 Oct 2019 11:00:14 GMT x-arequestid: 660x4236x1 x-asen: SEN-500 x-asessionid: sbc7qf x-xss-protection: 1; mode=block mobile-plugin-enabled: true x-ausername: anonymous x-content-type-options: nosniff set-cookie: atlassian.xsrf.token=BS5L-D6D1-TLY9-HJM8_180be825a5962c0f012571d52bd43059e28ed795_lout; Path=/; Secure set-cookie: JSESSIONID=16920DAB51A44904479F3CA1C9AF7C0C.node2; Path=/; Secure; HttpOnly x-anodeid: node2 x-frame-options: SAMEORIGIN instance-name: JIRA
UPDATE You no longer need to allowlist headers if you're using the latest version of the mobile app and mobile plugin for Jira (bundled in Jira 8.10 and later). You still need to allowlist cookies, as described below.
Headers: Allowlist the following headers on your proxy server. Not all of them might be required in your specific version (some were added only in later Jira versions), but it’s safer to just allowlist all of them.
push-notification-enabled: true x-arequestid: <string e.g. 57x13275079x1> instance-name: <name> jira-base-url: <base-url> mobile-plugin-version: <version> mobile-login-url: <string> new-create-metadata-api: <boolean> mobile-app-disabled: <boolean> mobile-plugin-enabled: <boolean> jira-build-number: <integer>
Cookies: Allowlist the following cookie on your proxy server. It can assume the true or false value.
Using Jira 8.9.1 or later?
If you're using Jira 8.9.1 or later, this problem might be related to a bug we've recently discovered. We're planning to release the fix in the mobile app versions 1.11.x (iOS) and 0.12.1 (Android), but until then you can work around this problem by enabling a dark feature or contacting our Support team for help. For more info on what you should do, see - JRASERVER-71175Getting issue details... STATUS