From 15 May 2017 we'll be making some changes to the login REST resource for JIRA and Confluence Cloud. We've prepared this knowledge base article as a reference for customers who rely on this resource.

What will be changing?

The login REST resource will be changed so that it may only be used by Atlassian accounts with verified email addresses. If this resource is used with an Atlassian account that has an unverified email address, this resource will return an error (HTTP status code 409). Additionally, for both the login and current user resources, session information (the "loginInfo" section) will no longer be returned in the response's payload.

FAQ

Atlassianアカウントとは何ですか?

Atlassian account is the single user account for logging into Atlassian Cloud products, as well as our Help, Knowledge and Billing systems. This is being progressively rolled out to JIRA, Confluence and HipChat, and has been fully rolled out for Bitbucket. 

More details can be found here: Introducing Atlassian account. 

A user got a 409 response from the login REST resource. What should I do?

The simplest option is to have the user log in to Atlassian account through their browser which will prompt them to verify their account. This process will send an email with a link that, when followed, will verify their account. Once this is done, the resource should work again.

If the email cannot be verified then this account should no longer be used. Instead, switch to an existing verifiable account or create a new one.

Alternatively, Basic Authentication can be used as this stateless form of authentication can be used by unverified Atlassian accounts.