I would appreciate any pointers to get me started.
:: Background ::
I would like to build an app for Confluence which will inject authenticated content from our own SaaS service into the Confluence page when requested (via a macro). This is somewhat akin to the Google Drive Confluence app that can embed a Google document into a Confluence page when given a link to such a document.
:: Question ::
We are going to build the app using Atlassian Connect since we will want it in the Atlassian marketplace down the line. So we host the app. How can we authenticate who the user is that is invoking the app so we can decide whether to show them any content and if so which based on what the user is authorized on our service?
I’ve read two types of docs that are related but work in the opposite direction:
- Docs about how to make the app impersonate a given user.
- Docs about how our app can use OAuth to be able to make REST APIs against Confluence.
Neither applies here. I appreciate pointers for how to know in our app who the Confluence user is.