Atlassian has introduced support for API tokens for all Atlassian Cloud sites as a replacement for basic authentication requests that previously used a password or primary credential for an Atlassian account.
Basic authentication with passwords is now deprecated and will be removed in 2019 per Atlassian REST API policy.
If you currently rely on a script, integration, or application that makes requests to Confluence Cloud with basic authentication, you should update it to use basic authentication with an API token, OAuth, or Atlassian Connect as soon as possible.
Using primary account credentials like passwords outside of Atlassian's secure login screens creates security risks for our customers. API tokens allow users to generate unique one-off tokens for each app or integration. If needed, users can easily revoke API tokens.
Furthermore, as customers adopt features like two-factor authentication and SAML, passwords may not work in all cases. Atlassian designed API tokens as an alternative for Atlassian accounts in organizations that use these features.
For the following APIs and pages, all requests using basic authentication with a non-API token credential will return 401 (Unauthorized) after the deprecation period: