While trying to develop a script using the API, I was doing some tests with the web access to it. And it kept telling me I was not authorised even if I used the first JSS account created that could, of course, perfectly access the JSS. I tried another account with full admin privileges and it was the same.
I've been searching for a few hours until I realised what was wrong, my passwords. Both used a special character, the "%". When I changed the password to another one without this specific character, it worked perfectly.
So, it seems that it's a bad idea, which makes sense as this character is used to encode special characters in URLs but I just wanted to mention it here.
FWIW, I tried to escape this character in my curl command but it failed to, but I haven't tried hard or searched among the gazillions options of curl to make sure I did it correctly.
I'm guessing the extra j when you call the variable isn't the problem ;)
It does sound like it's just an unsupported character as you said. Could be worth putting the question to JAMF support when you're next speaking to them.