How to fix the authentication problem with Okta Single Sign-On in Confluence Command Line Interface (CLI)

When Confluence is connected through Okta Single Sign-On, you might encounter the error below while performing actions in Confluence Command Line Interface (CLI): 

"Remote error: User is not authorized to perform the request. Response code: 401"

This error mat restrict you from performing any further actions. This article explains how to fix this unauthorized error.


  1. Check if the username mentioned in the Command Line Interface properties file ( is correct.
    Please refer to CLI Client Installation and Use for the installation instructions.
  2. Check whether the user has access permissions to log in to the Confluence instance.
  3. Run the Command Line Interface (CLI) actions through the app supplied token rather than the password.
    1. Install API Token Authentication for Confluence from the marketplace in the Confluence instance.
    2. Provide the license key in the license section.
    3. Once the app is installed, navigate to the profile by clicking the avatar on the top right corner.
    4. Select API Token Authentication from the options.

      This page allows users to create their own API tokens.
    5. Click New API Token to navigate to the window to create a token.
    6. Click Create API Token in the New API Token window.
    7. Copy this token and paste it against the password parameter in the Command Line Interface properties file (

    8. Save the file and run the actions in Command Line Interface (CLI) with "--options basicAuthentication" as mentioned below:

      --action getSpaceList --options basicAuthentication
      Please note that the generated API token is valid for the user only when the token is not deleted from the API token page.

Customers reluctant to use the app API Token Authentication for Confluence are advised to find an Okta way/configuration to run Confluence REST APIs without interference.