Problem

The Jira Data Center and Server mobile app shows one of the following errors when user tries to log in or connect the app to an existing Jira site, or displays a desktop version of Jira after logging in.

Cause

Problems with logging in often occur if you’re using a proxy server, which might modify the response returned to the mobile app. If the response doesn’t include all headers or cookies required by the app, you either won’t be able to log in at all or will see a desktop version of Jira instead of the mobile one.

Diagnosis

To check which headers are returned by the mobile app, you can make a HEAD request with the URL.

• For earlier versions of the mobile app and mobile plugin (up to Jira 8.10), allowlist <jira-base-url>/server-info.

curl -I http://jira.cluster.com/jdc/server-info

HTTP/1.1 200 
Date: Fri, 19 Aug 2022 07:49:38 GMT
Server: Apache/2.4.53 (Unix)
X-AREQUESTID: 589x1x1
X-ANODEID: node1
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=31536000
mobile-plugin-enabled: true
push-notification-enabled: true
instance-name: Jira
jira-base-url: http://jira.cluster.com/jdc
is-data-center: true
new-create-metadata-api: true
X-AUSERNAME: anonymous
Content-Type: text/html;charset=UTF-8
Set-Cookie: atlassian.xsrf.token=B8NL-N3FR-DNWI-ZN6F_30cc0b3f8f1059860425c76d2a0e860e367e36e5_lout; Path=/jdc

• For latest versions (from Jira 8.10), allowlist <jira-base-url>/rest/nativemobile/1.1/info/login.

curl -I http://jira.cluster.com/jdc/rest/nativemobile/1.1/info/login

Solution

UPDATE You no longer need to allowlist headers if you're using the latest version of the mobile app and mobile plugin for Jira (bundled in Jira 8.10 and later). You still need to allowlist cookies, as described below.

1. Headers: Allowlist the following headers on your proxy server. Not all of them might be required in your specific version (some were added only in later Jira versions), but it’s safer to just allowlist all of them. 

   push-notification-enabled: true
   x-arequestid: <string e.g. 57x13275079x1>
   instance-name: <name>
   jira-base-url: <base-url>
   mobile-plugin-version: <version>
   mobile-login-url: <string>
   new-create-metadata-api: <boolean>
   mobile-app-disabled: <boolean>
   mobile-plugin-enabled: <boolean>
   jira-build-number: <integer>

2. Cookies: Allowlist the following cookie on your proxy server. It can assume the true or false value. 

authenticated

 To configure the allowlist, you need to modify the proxy configuration file. P.E. If using Nginx, there is a configuration file called "nginx.conf" which is the one you can configure the headers.

         Using Jira 8.9.1 or later?

If you're using Jira 8.9.1 or later, this problem might be related to a bug we've recently discovered. We're planning to release the fix in the mobile app versions 1.11.x (iOS) and 0.12.1 (Android), but until then you can work around this problem by enabling a dark feature or contacting our Support team for help. For more info on what you should do, see  JRASERVER-71175 - Getting issue details... STATUS