-
Suggestion
-
Resolution: Unresolved
Problem Definition
Currently AP.request() calls made from Connnect macros when displayed via the Jira Service Desk customer portal do not allow for unlicensed users (which JSD customers usually are) to make POST requests to Confluence APIs.
Suggested Solution
AP.request() calls made from Connect macros shown in the JSD customer portal to be allowed using the same unlicensed Confluence behaviour that applied for GET requests.
Workaround
Vendors can make the POST requests from their application server, rather than using AP.request() to make an impersonated request from the client-side.
Notes
The current solution for unlicensed users viewing Confluence content, including macros, from the Jira Service Desk customer portal strictly allows only read access to Confluence. For this reason, supporting GET requests from Confluence macros is mostly sufficient. The exception is any POST request that only requires read permission like https://developer.atlassian.com/cloud/confluence/rest/#api-api-contentbody-convert-to-post
- mentioned in
-
Page Failed to load
[CONFCLOUD-68678] Connect macro content not viewable via Jira Service Desk customer portal knowledge-base
Component/s | Original: User - Permissions [ 46370 ] |
Epic Link | New: CONFDEV-72430 [ 1668520 ] |
Rank | New: Ranked lower |
Rank | New: Ranked lower |
Remote Link | New: This issue links to "Page (Confluence)" [ 462885 ] |
Description |
Original:
h3. Problem Definition
Currently {{AP.request()}} calls made from Connnect macros when displayed via the Jira Service Desk customer portal do not allow for unlicensed users (which JSD customer are) to view content. h3. Suggested Solution AP.request() calls made from Connect macros shown in the JSD customer portal to be allowed using the same unlicensed Confluence behaviour that applies for GET requests. h3. Workaround Currently there is no known workaround for this behavior. A workaround will be added here when available |
New:
h3. Problem Definition
Currently {{AP.request()}} calls made from Connnect macros when displayed via the Jira Service Desk customer portal do not allow for unlicensed users (which JSD customers usually are) to make POST requests to Confluence APIs. h3. Suggested Solution AP.request() calls made from Connect macros shown in the JSD customer portal to be allowed using the same unlicensed Confluence behaviour that applied for GET requests. h3. Workaround Vendors can make the POST requests from their application server, rather than using {{AP.request()}} to make an impersonated request from the client-side. h3. Notes The current solution for unlicensed users viewing Confluence content, including macros, from the Jira Service Desk customer portal strictly allows only read access to Confluence. For this reason, supporting GET requests from Confluence macros is mostly sufficient. The exception is any POST request that only requires read permission like https://developer.atlassian.com/cloud/confluence/rest/#api-api-contentbody-convert-to-post |
Description |
Original:
h3. Problem Definition
Currently {{AP.request()}} calls made from Connnect macros when displayed via the Jira Service Desk customer portal do not allow for unlicesned users (which JSD customer are) to view content. h3. Suggested Solution AP.request() calls made from Connect macros shown in the JSD customer portal to be allowed using the same unlicensed Confluence behaviour that applies for GET requests. h3. Workaround Currently there is no known workaround for this behavior. A workaround will be added here when available |
New:
h3. Problem Definition
Currently {{AP.request()}} calls made from Connnect macros when displayed via the Jira Service Desk customer portal do not allow for unlicensed users (which JSD customer are) to view content. h3. Suggested Solution AP.request() calls made from Connect macros shown in the JSD customer portal to be allowed using the same unlicensed Confluence behaviour that applies for GET requests. h3. Workaround Currently there is no known workaround for this behavior. A workaround will be added here when available |
This affects all the 3rd part apps if they are used on a page that is shown through the JSD/JSM portal (knowledge base)
Something very similar we have been seeing on server/DC - https://jira.atlassian.com/browse/CONFSERVER-30161