OAuth2 token authentication fails with 401 error for Jira Agile REST API calls

ExcitedGamer85 · July 18, 2025, 2:00pm

I’m having trouble using my OAuth2 token to make API calls to Jira Software endpoints. The token works fine for platform APIs but fails when I try to access agile board data.

Here’s what happens: I can successfully get board information when logged into my browser, but when I make the same request through code, I get a 401 unauthorized error.

$curl_handle = curl_init();
$boards_endpoint = $base_url+'/rest/agile/1.0/board';
curl_setopt($curl_handle, CURLOPT_URL, $boards_endpoint);
curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl_handle, CURLOPT_HTTPGET, true);
curl_setopt($curl_handle, CURLOPT_HTTPHEADER, [
    'Content-Type: application/json',
    'Authorization: Bearer ' . $oauth_token['token_value']
]);
$response_data = curl_exec($curl_handle);
$status_code = curl_getinfo($curl_handle, CURLINFO_HTTP_CODE);
curl_close($curl_handle);

echo 'Status: '.$status_code;
print_r(json_decode($response_data));

The response shows status code 401 with message about client authentication required. I’ve configured the OAuth app with proper scopes including read:board-scope:jira-software and read:project:jira. I verified the token has access to resources but still getting authentication errors.

Any ideas what might be causing this issue?

SwiftCoder42 · July 28, 2025, 1:31am

This sounds like an OAuth flow issue, not a scopes problem. I hit the same authentication failures with Jira’s agile endpoints and found my token refresh wasn’t working right. Your access token might work fine for basic stuff but need a refresh for privileged endpoints like agile boards. Log the actual token you’re sending and check it against your OAuth app’s token inspector. Also make sure your OAuth app uses the right Jira site URL - I’ve seen tokens work for one subdomain but fail on agile calls because of audience mismatch. Check if your Jira instance needs extra auth headers beyond the bearer token for software endpoints too.

CreativeArtist88 · July 27, 2025, 2:56pm

check your token expiry first - oauth tokens for jira agile api don’t last as long as regular platform tokens. also, that $base_url.'/rest/agile/1.0/board' looks wrong. you’re missing the concatenation operator - should be $base_url . '/rest/agile/1.0/board' in php. you might be hitting the wrong endpoint completely.

miat · July 23, 2025, 10:17am

Had this exact problem a few months ago - turned out to be OAuth scope issues. I know you said you’ve got the right scopes, but double-check your Atlassian Developer Console app has both read:board-scope:jira-software AND read:jira-work enabled. The agile endpoints need extra permissions beyond just board scope. Also check if your Jira instance actually has Software enabled for that project. I wasted hours on similar 401s only to find the project didn’t have Jira Software features turned on. Go to Project Settings and see if board config options show up. One more thing - try adding Accept: application/json to your request headers. Some Jira endpoints get weird about this even though it shouldn’t affect auth.