Uploaded image for project: 'Atlassian Product Integrations'
  1. Atlassian Product Integrations
  2. API-510

Requests from Slack Chat Notifications cause errors when interacting with other apps that try to impersonate the user

XMLWordPrintable

    • Severity 3 - Minor

      Issue Summary

      When creating/editing/saving a page containing a 3rd party macro, the Chat Notification user (Slack integration) sends a request to render the page content (including the macro). This fails if the 3rd party app tries to impersonate the user but an app cannot impersonate another app (user).

      Steps to Reproduce

      The error can only be seen by app developers and it is usually enough to edit a page having a 3rd party macro on it (other steps to reproduce are available in CONFCLOUD-73417). So:

      1. Edit and save a page having a 3rd party macro on it

      Expected Results

      No errors are logged

      Actual Results

      The below exception is thrown in the logs:

      403 Forbidden: [{"error": "Add-on 'ADD_ON_KEY' disallowed to impersonate the user because 'no valid active user exists'"}]

Add-on 'ADD_ON_KEY' is not allowed to impersonate user '5b70c8b80fd0ac05d389f5e9'

      Workaround

      App developers can add an IF condition to their code that will avoid impersonating the user in case the user sending the request to render the page is another app-user (so, in case "accountType" is "app").

            [API-510] Requests from Slack Chat Notifications cause errors when interacting with other apps that try to impersonate the user

            There are no comments yet on this issue.

              Unassigned Unassigned
              dbonotto Dario B
              Affected customers:
              1 This affects my team
              Watchers:
              3 Start watching this issue

                Created:
                Updated: