Calling Atlassian GraphQL API

konrad.garus · May 16, 2025, 6:48am

I want to call the GraphQL API for Jira in my Exalate mapping scripts. Is there any support for that, other than basic authentication with my access token right there in the script?

The following returns null for the user, as if the request was unuauthneticated:

def query = """
query me {
  me {
    user{
      name
    }
  }
}
"""

httpClient.post("/gateway/api/graphql", new JsonBuilder([ query: query ]).toPrettyString())

Something requiring authentication results in an “unauthenticated” error:

def query = """
query example {
  tenantContexts(hostNames:["mysite.atlassian.net"]) {
    cloudId
    orgId
  }
}
"""

httpClient.post("/gateway/api/graphql", new JsonBuilder([ query: query ]).toPrettyString())

Returns:

{
  "errors": [
    {
      "message": "Auth category: UNAUTHENTICATED is not allowed in service tcs",
      "locations": [],
      "extensions": {
        "allowedAuth": ["API_TOKEN", "SESSION"],
        "presentedAuth": "UNAUTHENTICATED",
        "errorSource": "GRAPHQL_GATEWAY",
        "statusCode": 403.0,
        "agg": { "severity": "NORMAL", "ugcPiiSafe": true },
        "classification": "IncorrectAuthException"
      }
    }
  ],
  "data": { "tenantContexts": null },
  "extensions": {
    "gateway": {
      "request_id": "219bcf3c-525a-46c5-abd4-cd8980e8dac2",
      "trace_id": "219bcf3c525a46c5abd4cd8980e8dac2",
      "crossRegion": false,
      "edgeCrossRegion": false
    }
  }
}

If I use the API gateway URL at https://api.atlassian.com/graphql, I also get a 401 error.

Majid · May 17, 2025, 9:20am

When you try to hit any endpoint using the httpClient from within Exalate scripts, all requests get authenticated via the proxy user (app user). But in my experience, for the GraphQL endpoints that you are trying to get to, you might require additional auth - I am not sure.
If additional auth is required, you can store a token in the scripts, but yes, that would be plain text. The other way is to have the token configured on your Exalate node (via support) and store it in an environment variable - that would still require you to share the token one time with Exalate support.

Let me know if it helps.

Thanks
Majid

Topic		Replies	Views
httpClient returns null for any rest call General Questions exalate , cloud-jira , migrated_question , rest	2	149	November 4, 2024
Jira Cloud - REST API call to difference Atlassian API site General Questions cloud-jira , rest-api , migrated_question	2	43	November 4, 2024
How to perform a JQL search inside Jira DC incoming script Script Library onpremise-jira , jql-functions	0	27	March 20, 2025
Interacting with Jira REST API from Exalate Groovy script Use Case usecase , cloud-jira , migrated_question	1	27	November 4, 2024
Exalate API Authentication General Questions onpremise-jira , migrated_question	2	7	November 4, 2024

Calling Atlassian GraphQL API

Related topics