BAD_REMOTE_IP; Request not allowed from IP Address
Problem
When using Trusted Applications, a request may fail with the error BAD_REMOTE_IP
, followed by the IP Address that failed. This causes the request to fail. All functionality between the two applications will not function correctly.
The following message will appear in the application log file:
BAD_REMOTE_IP; Request not allowed from IP address: {0}; ["127.0.0.1"]
Cause
The IP address of the Source application is not trusted by the Destination application. The "Incoming Authentication" does not list this IP Address in the "IP Patterns" section.
Alternative Cause
The connection from the Source application is routed through a reverse proxy on a different IP address to that of the Source application.
Resolution
Add the IP address of the Source server to the "IP Patterns" section. This must be added to the "Incoming Authentication" section of the Destination application.
Alternative Resolution
Removing all IP Patterns from the "Incoming Authentication" will allow all requests to come into the Destination application.
Notes for Reverse Proxy Usage
Ensure that any IP addresses used by a reverse proxy are added to the "IP Patterns" section, if they differ from the Source application. You should also ensure that your Reverse Proxy is configured correctly.
Alternatively, you may wish to bypass the reverse proxy, and create an unproxied Application Link.
Atlassian recommends OAuth
All new Application Links are created using OAuth. It provides all of the functionality of Trusted Applications and Basic Authentication. OAuth allows applications to authenticate and authorise users without accessing their credentials.