Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-82890

Remove Requirement for write:confluence-content Scope When Listening to Trashed/Deleted Events in Forge Confluence Apps

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • Ecosystem

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Currently, Forge apps for Confluence that only require read access (such as eazyBI for Confluence) are forced to request the write:confluence-content OAuth scope to listen to trashed and deleted content events. This is inconsistent with Connect, where only read permissions are needed for similar webhook events. This requirement creates unnecessary friction for app vendors who do not need write access.

      • Align Forge Confluence event permissions with Connect by allowing trashed/deleted events to be consumed with only read scopes.
      • Enable smoother migration from Connect to Forge for vendors who only require read access. The elevation of permission results in major version upgrade.

      Related ticket: https://jira.atlassian.com/browse/CONFCLOUD-81189.

              Unassigned Unassigned
              54bf2707b706 Deepak Pandey
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: