Our apps, which render in Atlassian Connect iframes, are suffering from an issue whereby the avatar of an assignee will not appear for team members by default. To resolve, we have to ask them to change their avatar visibility to “Everyone”.
I think this is a bug since the requests made by AP.request are made by the team member, but are being treated as though they’re not. Could someone please confirm whether this is the case or not?
Request directly:
Request via AP.request:
Thanks
~Dave
@edave - This is by design. Apps only get public info when executing in the context of a user session.
Thanks for clarifying, @akassab. I’m sure there’s 1001 reasons for that, but this does cause confusion and a degraded experience in our apps.
Jira and Atlassian Connect facilitate the request via AP.request in the browser and are solely responsible for denoting the request is actually from the end-user. This is deemed secure enough to send down critically sensitive business information. Is it possible Atlassian could consider those requests “from the actual user” for the sake of profile/avatar visibility as well?
Thanks
~Dave
Hello, is there any intention to update so that we can display picture avatars without asking users to update their avatar profile visibility within an iframe?
