Applies to

  • OSLC Connect for Jira 2.7+

  • OSLC Connect for Confluence 1.1+


This error should not be encountered under normal uses of our products as it offers no API to reproduce it manually. Advanced users with the proper knowledge of OAuth flows could use browser’s tools to reproduce this.


In the middle of the OAuth dance, the user needs to confirm that the remote application can access Jira on its behalf. To achieve this, the remote application opens a popup window and loads the Jira login page.

When the user grants access, the connector marks the OAuth request token as authorized and the popup window is closed. It is only when the popup window is closed, that the remote application knows it must continue with the OAuth dance.

The next step is to ask Jira to interchange the request token for an access token, and for that, the request token must be marked as authorized.

To reproduce this error, the remote application must continue with the dance without waiting for the user to approve the remote access. This cannot be emulated on Jira, because there's currently no API to unmark an already-marked token. Trying to get it by a race condition will be hard too because the remote application is waiting for a callback notification to resume the dance (just before closing the window).