- Type: Suggestion
- Resolution: Unresolved
- Component/s: FC - Ecosystem - API Framework
Currently the bulk user email lookup API uses the GET method.
This works, but when it is called from a Forge app it causes issues with the `route` tagged template literal.
This is because, according to the documentation:

> When route is called, the Forge runtime also checks for possible path manipulation attempts (for example, issueKey or repo_slug coming from the user as ../../../evil_api_call), escaping or blocking as needed.
> If the URL is constructed separately, the runtime might throw an exception for this as a false positive. This is because the runtime has no way of knowing which parts might have been manipulated by the user.
This means that when we try to pass multiple account IDs (aaids), the API call doesn't work with `route`:

```javascript
// Joining the IDs produces a single interpolated string, so the separators are treated as data
const accountIdsParam = accountIds.join('&accountId=');
const response = await api.asApp().requestConfluence(route`/wiki/rest/api/user/email/bulk?accountId=${accountIdsParam}`, {
  method: "GET",
  headers: {
    "Accept": "application/json"
  },
});
```
The above doesn't return data.
The alternative is to use `assumeTrustedRoute`, which isn't ideal, since using `route` is the recommended approach:

```javascript
// Bypasses the runtime's path-manipulation check, which is why it is not recommended
const accountIdsParam = accountIds.join('&accountId=');
const response = await api.asApp().requestConfluence(assumeTrustedRoute(`/wiki/rest/api/user/email/bulk?accountId=${accountIdsParam}`), {
  method: "GET",
  headers: {
    "Accept": "application/json"
  },
});
```
Please provide a bulk email lookup API that uses the POST method instead, so that we can safely use `route` in a Forge app.
Workaround
It's possible to use `route` like this:

```javascript
const params = new URLSearchParams();
// append one accountId entry per ID so the query string carries repeated keys
accountIds.forEach(id => params.append('accountId', id));
const response = await api.asApp().requestConfluence(route`/wiki/rest/api/user/email/bulk?${params}`, {
  method: "GET",
  headers: {
    "Accept": "application/json"
  },
});
```
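To make the difference between the failing call and the workaround concrete, here is an added illustration that is not part of this issue and not Forge's own code. `modelRoute` is a hypothetical tagged template that models the documented behaviour of Forge's `route`: each interpolated string is percent-encoded so a user-supplied value cannot add path segments or query keys, while a `URLSearchParams` object is passed through with its own encoding. That treatment of `URLSearchParams` is an assumption about the runtime, not a description of its implementation; the account IDs and the base host are constructed sample values.

```javascript
// modelRoute is a stand-in for Forge's `route` (assumption: string interpolations are
// percent-encoded; a URLSearchParams object is serialised as-is). Not Forge's code.
function modelRoute(strings, ...values) {
  let out = strings[0];
  values.forEach((value, i) => {
    const encoded = value instanceof URLSearchParams
      ? value.toString()
      : encodeURIComponent(String(value));
    out += encoded + strings[i + 1];
  });
  return out;
}

// The failing approach from the issue: joining IDs with '&accountId=' yields ONE
// interpolated string, so '&' and '=' are encoded and the server sees a single,
// meaningless accountId value.
function buildJoined(accountIds) {
  const accountIdsParam = accountIds.join('&accountId=');
  return modelRoute`/wiki/rest/api/user/email/bulk?accountId=${accountIdsParam}`;
}

// The workaround: URLSearchParams carries repeated keys and is passed through intact.
function buildWithParams(accountIds) {
  const params = new URLSearchParams();
  accountIds.forEach(id => params.append('accountId', id));
  return modelRoute`/wiki/rest/api/user/email/bulk?${params}`;
}

// How many distinct accountId values a server would actually parse from the path.
function countAccountIds(path) {
  const url = new URL(path, 'https://example.invalid'); // placeholder base host
  return url.searchParams.getAll('accountId').length;
}

// The path-manipulation case quoted from the documentation: a traversal-looking
// value is encoded into a single path segment instead of rewriting the route.
function buildContentRoute(contentId) {
  return modelRoute`/wiki/rest/api/content/${contentId}`;
}

const sampleIds = ['aaid-sample-1', 'aaid-sample-2']; // constructed sample IDs
console.log(buildJoined(sampleIds), '->', countAccountIds(buildJoined(sampleIds)), 'value(s)');
console.log(buildWithParams(sampleIds), '->', countAccountIds(buildWithParams(sampleIds)), 'value(s)');
console.log(buildContentRoute('../../../evil_api_call'));
```

Running this shows the joined form collapsing to one `accountId` whose value contains the literal text `&accountId=`, while the `URLSearchParams` form yields one value per ID; the last line shows why the encoding is there in the first place.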