Forge invokeRemote for anonymous user fails with FCT validation error

    • Type: Bug
    • Resolution: Fixed
    • Priority: Low
    • Component/s: Ecosystem
    • None
    • Minor
    • 2

      Issue Summary

      When a user is logged in under an account that doesn't exist in the Confluence instance, calling Forge's invokeRemote function fails with an FCT validation error.

      Steps to Reproduce

      1. Allow anonymous access to the module in the Forge app manifest:
        unlicensedAccess:
          - anonymous
      2. Access the app as an anonymous (not logged-in) user. Everything works as expected and the user can use the app.
      3. Log in to the same Confluence instance with a user who does not exist in that instance and call the remote backend via invokeRemote from Custom UI. The call fails with the error:
        Error: Failed to validate FCT: 'accountId' claim mismatch
      4. Add a user as a guest to this Confluence instance, then remove them.
      5. For the same scenario, the error is now the following:
        Error: Invocation of the function is forbidden

      Expected Results

      No errors, and both cases are treated as an anonymous user.

      Actual Results

      Error: Failed to validate FCT: 'accountId' claim mismatch
      Error: Invocation of the function is forbidden 

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available.

              Assignee:
              Felipe Souza Dias
              Reporter:
              Roman Toropov
              Votes:
              4
              Watchers:
              6
