1. Work with own DB 2. Work with session storage with encryption of api key. Which one is fine?

Hai all,
I am trying to create a third party integration app by using atlassian connect express(ACE). Now i am in a bit confusion to store my credentials for future use. It’s not suggested that to store the confidential data in app properties, entity properties and user properties. So i don’t have any choice to store user credentials securely for future use.
Now i have only two options.

  1. Using my own db to store credentials. If you suggest to use this kindly send any reference file to use own db. because i am newbie to jira.
  2. Another one option is to store an encrypted credentials in session storage for a while. But i don’t know is it safe to store an encrypted credentials by using redis.

Kindly send your suggestion to this problem. Thanks in advance…

You can split the private key and the encrypted token into two different locations (private key into user properties and the encrypted token into DB) that way it can be more secure by making sure only the app has access to both the locations.

coming to using own DB, Its easy to setup a DB just by setting the entry in config.json, something like this

“store”: {
“adapter”: “sequelize”,
“type”: “postgres”,
“url”: “postgres://localhost/my_addon_database”,
“logging”: false


Hai @lavakumar.dukanam Thanks for your quick response. When i read one article, they told if i modify user properties using API, while accessing the user properties using API, i will get only the old data not the updated one. Is it true?

This seems to be a duplicate of Which app method is efficient to create third party integration applications(connect or forge)? - #11 by SuryaA

@remie I created this question for different purpose.