OAuth error oauth_problem=consumer_key_unknown
Problem
When creating an application link, or using functionality that uses an application link, the applications aren't able to authenticate to each other.
The following appears in the application log:
oauth_problem=consumer_key_unknown
Diagnosis
Environment
- Two applications are connected together using Application Links
- The authentication method used is OAuth
Diagnostic Steps
- The error happens intermittently. Recreating Application Links from both servers still does not fix it
OR - Missing Application Link from one server
Cause
- There are duplicate data in the database causing it to use different Consumer key
OR - The Application Link is only configured in one direction. For example, Confluence is linked to JIRA; but JIRA does not have a reciprocal link to Confluence. This can be caused by a misconfigured network where one application server cannot reach the other over the connector port.
Resolution
Delete the duplicate data in the database
Shutdown the application
- Backup database for rollback purposes
Search for duplicate data
SELECT * FROM BANDANA WHERE bandanakey = 'com.atlassian.oauth.consumer.ConsumerService:host.__HOST_SERVICE__';
- Delete the duplicate row, so that it will only have one result
- Restart the application
Recreate the Application Link in both servers
If your applications use a reverse proxy, ensure they have been configured correctly for use with the reverse proxy.
Once the applications have been configured, delete and recreate the Application Link.
Alternatively, ensure the reverse proxy has been bypassed for use in an unproxied Application Link.
Ensure there's proper bi-directional communication between both of the applications. Try to hit the endpoint to retrieve the manifest file from one server to the other. If this does not work, adjust firewall/ports/AWS security groups as needed for proper communication.
curl -H "Accept: application/json" http://HOST/ContextPath/rest/applinks/1.0/manifest -v