We are recently seeing a lot of “Authentication request has expired. Try reloading the page.” errors in our atlassian-connect-express backend. The issue has started to appear on the 12th of September.
I have found one way to reproduce the issue:
- In a Connect app that configures a content list view page for a custom content type, navigate to that page.
- Now continue browsing Confluence for at least 3 minutes, for example by navigating to some pages through the space sidebar.
- Now navigate back to the content list view through the space sidebar. The loading spinner will stay until it times out, but on the browser console you can see that accessing the app backend returned a 401 because of an expired JWT token.
It seems that once a content list view page is loaded, a JWT is generated for it and then cached. When the page is opened again without a browser refresh in the meantime, the same JWT is reused, even though it expires after 3 minutes. Confluence should instead generate a new JWT every time the page is opened. It is also not the greatest user experience that the loading spinner keeps spinning even though the backend has returned an error.
This issue does not seem to occur for macros.