Atlassian access tokens and REST API endpoints
Atlassian's cloud products have REST APIs, but accessing them with tokens is a major pain - the base URL is different depending on the token type, and confluence API v2 documentation misses the API prefix.
Scoped vs. unscoped tokens
Access tokens created via https://id.atlassian.com/manage-profile/security/api-tokens come in two flavors: scoped and unscoped.
When using an unscoped token, you have to use https://customername.atlassian.net/ as API domain.
Scoped tokens need a different domain and path: https://api.atlassian.com/ex/confluence/<cloudid>/. Cloud ID can be found at https://customername.atlassian.net/_edge/tenant_info.
Source: https://support.atlassian.com/confluence/kb/scoped-api-tokens-in-confluence-cloud
REST API v1 vs. v2
Links:
- Confluence Spaces REST API v1: https://developer.atlassian.com/cloud/confluence/rest/v1/api-group-space/
- Confluence Spaces REST API v2: https://developer.atlassian.com/cloud/confluence/rest/v2/api-group-space/
Documentation for v1 lists the whole path: POST /wiki/rest/api/space. Just use the base URL + the path used here, e.g. https://customername.atlassian.net/wiki/rest/api/space.
Documentation for v2 misses some crucial bits, it only lists GET /spaces. Appending that to the base URL will yield a 404. The solution is to put /wiki/api/v2/ between the base URL and the path given in the docs: https://customername.atlassian.net/wiki/api/v2/spaces.
- v1 path: /wiki/rest/api/
- v2 path: /wiki/api/v2/
Passing tokens via HTTP Basic Auth is possible in REST API v1 and v2.
Spaces API example
- v1 + unscoped token: https://customername.atlassian.net/wiki/rest/api/space
- v1 + scoped token: https://api.atlassian.com/ex/confluence/<cloudid>/wiki/rest/api/space
- v2 + unscoped token: https://customername.atlassian.net/wiki/api/v2/spaces
- v2 + scoped token: https://api.atlassian.com/ex/confluence/<cloudid>/wiki/api/v2/spaces
