Uploaded image for project: 'Atlassian OAuth 2.0'
  1. Atlassian OAuth 2.0
  2. OAUTH20-2485

Using the Atlassian OAuth REST API endpoint "accessible-resources" for your third-party app won't retrieve permissions for Guest users in confluence Cloud

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • None
    • OAuth 2.0 Client
    • None

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      When using the OAuth REST API endpoint: https://api.atlassian.com/oauth/token/accessible-resources the response will send all available resources to the user that approves the app calling the endpoint, and then the Site ID in that body will be used to call the product API on behalf of the user.

      If you try to run the endpoint https://api.atlassian.com/oauth/token/accessible-resources and authorize the app as a guest, the API won't return a list of any available resources.

      This prevents third-party apps from allowing Confluence Guests to complete the app authorization flow.

      It would be great if the endpoint https://api.atlassian.com/oauth/token/accessible-resources could check and retrieve accessible resources for Confluence guests.

      Endpoint reference: https://developer.atlassian.com/cloud/confluence/oauth-2-3lo-apps/#get-list-of-resources

              Unassigned Unassigned
              ebc00f6a1693 Diego Peralta (Inactive)
              Votes:
              4 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: