Problems with logging in because of missing headers or cookies

Still need help?

The Atlassian Community is here for you.

Ask the community

This article only applies to Atlassian's server products. Learn more about the differences between cloud and server.

Problem

The Jira Data Center and Server mobile app shows one of the following errors when user tries to log in or connect the app to an existing Jira site, or displays a desktop version of Jira after logging in.

Can't connect to your site

This could be because the URL is wrong, you need to use a VPN, or <url> is unavailable.

Can't check compatibility

A custom filter may be preventing unauthenticated requests to your server. Talk to your admin to resolve this.

Your site is unavailable or you need to connect to your VPN or network to access it.

We're missing something

This app needs Jira 8.3 or later.

If you’re already running Jira 8.3, ask your admin to install or enable the Jira mobile plugins so you can use this app. 

Cause

Problems with logging in often occur if you’re using a proxy server, which might modify the response returned to the mobile app. If the response doesn’t include all headers or cookies required by the app, you either won’t be able to log in at all or will see a desktop version of Jira instead of the mobile one.

Diagnosis

To check which headers are returned by the mobile app, you can make a HEAD request with the URL.

  • For earlier versions of the mobile app and mobile plugin (up to Jira 8.10), allowlist <jira-base-url>/server-info.
curl -I http://jira.cluster.com/jdc/server-info
Show sample response...
HTTP/1.1 200 
Date: Fri, 19 Aug 2022 07:49:38 GMT
Server: Apache/2.4.53 (Unix)
X-AREQUESTID: 589x1x1
X-ANODEID: node1
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=31536000
mobile-plugin-enabled: true
push-notification-enabled: true
instance-name: Jira
jira-base-url: http://jira.cluster.com/jdc
is-data-center: true
new-create-metadata-api: true
X-AUSERNAME: anonymous
Content-Type: text/html;charset=UTF-8
Set-Cookie: atlassian.xsrf.token=B8NL-N3FR-DNWI-ZN6F_30cc0b3f8f1059860425c76d2a0e860e367e36e5_lout; Path=/jdc
  • For latest versions (from Jira 8.10), allowlist <jira-base-url>/rest/nativemobile/1.1/info/login.
curl -I http://jira.cluster.com/jdc/rest/nativemobile/1.1/info/login
Show sample response...

HTTP/1.1 200 

Date: Fri, 19 Aug 2022 07:50:22 GMT

Server: Apache/2.4.53 (Unix)

X-AREQUESTID: 590x1x1

X-ANODEID: node2

Referrer-Policy: strict-origin-when-cross-origin

X-XSS-Protection: 1; mode=block

X-Content-Type-Options: nosniff

X-Frame-Options: SAMEORIGIN

Content-Security-Policy: sandbox

Strict-Transport-Security: max-age=31536000

X-AUSERNAME: anonymous

Cache-Control: no-cache, no-store, no-transform

Content-Type: application/json;charset=UTF-8

Transfer-Encoding: chunked

Set-Cookie: atlassian.xsrf.token=B8NL-N3FR-DNWI-ZN6F_3d6a507240e7e2e97fb409101f6f0bdde3242092_lout; Path=/jdc

Solution

UPDATE You no longer need to allowlist headers if you're using the latest version of the mobile app and mobile plugin for Jira (bundled in Jira 8.10 and later). You still need to allowlist cookies, as described below.

  1. Headers: Allowlist the following headers on your proxy server. Not all of them might be required in your specific version (some were added only in later Jira versions), but it’s safer to just allowlist all of them. 

    push-notification-enabled: true
    x-arequestid: <string e.g. 57x13275079x1>
    instance-name: <name>
    jira-base-url: <base-url>
    mobile-plugin-version: <version>
    mobile-login-url: <string>
    new-create-metadata-api: <boolean>
    mobile-app-disabled: <boolean>
    mobile-plugin-enabled: <boolean>
    jira-build-number: <integer>
  2. Cookies: Allowlist the following cookie on your proxy server. It can assume the true or false value. 
authenticated

(warning) To configure the allowlist, you need to modify the proxy configuration file. P.E. If using Nginx, there is a configuration file called "nginx.conf" which is the one you can configure the headers.

         Using Jira 8.9.1 or later?

If you're using Jira 8.9.1 or later, this problem might be related to a bug we've recently discovered. We're planning to release the fix in the mobile app versions 1.11.x (iOS) and 0.12.1 (Android), but until then you can work around this problem by enabling a dark feature or contacting our Support team for help. For more info on what you should do, see  JRASERVER-71175 - Getting issue details... STATUS

Last modified on Aug 19, 2022

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.