BAD_URL; Request not allowed to access URL
Problem
When using Trusted Applications, a request may fail with the error BAD_URL
, followed by the URL that failed. This causes the request to fail. Other functionality between the two applications may be unaffected.
The following will appear in the application log file
BAD_URL; Request not allowed to access URL: {0}; ["/sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml"]
Diagnosis
Environment
- Two applications are connected together using Application Links
- The authentication method used is Trusted Applications
Cause
The Source application made a request to a URL, which is part of the Destination application. The "Incoming Authentication" does not list this URL in the "URL Patterns" section.
Resolution
Option 1
- Add the beginning of the URL to the "URL Patterns" section. For example, if the
BAD_URL
reported when connecting to JIRA was/sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml
, then we must add this URL to JIRA's Incoming URL patterns.
Option 2
- Removing all URL patterns from the "Incoming Authentication" will allow all requests to come into the Destination application.
Atlassian recommends OAuth
All new Application Links are created using OAuth. It provides all of the functionality of Trusted Applications and Basic Authentication. OAuth allows applications to authenticate and authorise users without accessing their credentials.