3LO app - check what site was just authorized


I have a 3LO app and when the user goes through the 3LO flow and picks a site to authorize my app for from the dropdown I would like to determine which site they have chosen in my callback.

Is there any way to get this data? I had a look at the JWT token we exchange the rerfresh token for but I couldn’t see anything related to this.


Hi @adam.markham,

My understanding is that after the user picks a site and authorizes an app, the flow returns to the app providing an authorization code. The app must then use this code to request an access token. Once the app has an access token, it can make a call to https://api.atlassian.com/oauth/token/accessible-resources to determine what the user has provided access to.

If you need to work out what resources a user has granted within a given occurrence of the flow, then you could use the refresh token if you have one before the flow to get the accessible resources and then do a diff to the resources available after the flow, but I’m not aware of a use case for this need.


1 Like

Hi Dugald,

Apologies for the late response on this. Yes we could diff the accessible resources.

Our use case is that we want a user to authorize per site so that when the flow completes we can pick up the recently authorized url for storage and display purposes.