OAuth Troubleshooting Guide

This page is a part of our Application Links Troubleshooting Guide.

This page describes the specific OAuth errors that can be diagnosed automatically by application links and the actions you can take to correct those errors.

Application links, from version 5.2, only use OAuth authentication because of the greater security inherent in that protocol. Atlasssian doesn't recommend or support the Trusted Applications or Basic Access authentication types anymore. See OAuth security for application links for more information.

このページの内容:

 

 

OAuth コンシューマー キーを認識できない

The application link was attempting to authenticate with the remote application but the OAuth credentials were rejected, either because the consumer key is stale, or it has no matching link.

You may see this error message in the Atlassian application logs:

oauth_problem=consumer_key_unknown
考えられる原因
可能な処置
  • The consumer key is stale.
  • There is no matching application link configured on the remote application that links back to the local application. For example, Confluence is linked to Jira, but Jira does not have a reciprocal link back to Confluence.
  • Check that the link exists on the remote application. If it doesn't exist you should create it.
  • Reset the OAuth authentication for both the incoming and outgoing connections of the application link. See OAuth security for application links.
  • If none of the above actions help, delete the application link at both ends and then recreate it.

トップに戻る

 

 

OAuth 署名が却下される

The local application was unable to authenticate with the remote application.

You may see this error message in the Atlassian application logs:

oauth_problem=signature_invalid
考えられる原因
可能な処置
The application URL for the link does not match the URL that the remote application is reporting.
  • Check that the base URL for the remote application is the same as the application URL defined in the link.
  • If using a reverse proxy or port forwarding, check that the "Host" header is reporting the correct host name or port.
  • If using a reverse proxy or port forwarding, check that the applications are correctly configured for use with a reverse proxy.
Misconfigured proxy or server.xml for the application.

Check that the proxy and the application both use the same protocol (that is, HTTP, or HTTPS):

  • Does the application's server.xml file specify the same protocol as the proxy? Look for the scheme attribute in the Tomcat SSL connector directive.
  • Was there a recent upgrade that could have caused a configuration change?

Check our Reverse proxy troubleshooting guide.

See also: OAuth error oauth_problem=signature_invalid

トップに戻る

 

 

システム時計が同期されていない

The application link was attempting to authenticate with the remote application but the timestamps from the local and remote machines do not match. This prevents the applications from authenticating with each other.

You may see this error message in the Atlassian application logs:

oauth_problem=timestamp_refused
考えられる原因
可能な処置

The system clocks are not synchronized because of:

  • an incorrectly set time zone on at least one application
  • substantial differences in the time between the two servers.
  • Synchronize the system times.
  • Set up ntpd to keep the clocks in sync.
  • Set up a network time server to keep the clocks in sync.
  • Check that time zone definitions are provided by each operating system.

トップに戻る

 

 

OAuth token rejected

The application link was attempting to authenticate with the remote application but the OAuth token was rejected.

You may see this error message in the Atlassian application logs:

 oauth_problem=token_rejected
考えられる原因
可能な処置
The user has established an OAuth token before, but sometime later revoked the token on the remote end.
  • Re-authenticate to get a new token. This should happen the next time an application requires user authorization. After this warning appears once, the token will be discarded and the user will be prompted to re-authenticate.

トップに戻る


 

 

OAuth の不一致

The application link was attempting to authenticate with the remote application but the OAuth configuration is not the same at both ends of the application link. For example, if you wish to use impersonation, then both the local and remote ends of the link must be set to use impersonation.

See OAuth security for application links.

トップに戻る

 

 

OAuth レベルがサポートされていない

The application link was attempting to authenticate with the remote application but the OAuth level configured for the link does not support all the available integration features. For example, your team can't see the details dialogs for the Development panel in Jira Software issues.

You need to update the application link to use 2-legged OAuth for the link.

See OAuth security for application links .

トップに戻る

 

 

 

Access denied

You are logged in to the local application using an account that does not have admin permissions on the remote application. If you don't have such an account, you may be able to:

  • Obtain temporary admin permissions for the remote application.
  • Find someone in your organization who does have such an account who can complete the task for you.

See OAuth security for application links.

トップに戻る

 

Error messages in the logs

You may see these error messages in the application logs:

Follow a link above to see detailed information on this page.

Application log locations

Click to see the location of error logs...

ログ作成の設定 アプリケーション ログ Tomcat Web サーバーログ
Bamboo <Bamboo installation directory> /logs  
Bitbucket Server / Stash

<Bitbucket home directory>/log

<Stash home directory>/log

<Bitbucket Server installation directory>/logs

<Stash installation directory>/logs

Confluence <Confluence home directory>/logs <Confluence installation directory >/logs
Crowd <Crowd home directory>/logs <Crowd installation directory>/apache-tomcat/logs
Crucible <Crucible installation  directory>/var/log/  
Fisheye <FishEye installation  directory>/var/log/  
Jira アプリケーション <JIRA application home directory>/log <JIRA application installation directory>/logs

より詳細なログを取得するには、アプリケーションで DEBUG レベルのログ作成を有効にすることを検討してください。DEBUG はすべてのスタック トレースを追加し、HTTP 応答メッセージを含みます。

 

説明 This page is a part of our Application Links Troubleshooting Guide on OAuth.
製品 Jira, Confluence, Bitbucket, Bamboo, Fisheye, Crucible
プラットフォーム サーバー
最終更新日: 2018 年 9 月 11 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.