Can Forge Webtriggers access provider authentication (like Google)?

Forge
, , ,
1

I’m currently using a Forge Webtrigger that makes REST API requests to Jira and Confluence using the standard Forge API calls for example:

api.asUser(userId).requestJira(...)
api.asUser(userId).requestConfluence(...)

I also added permissions like this, and impersonation works perfectly:

permissions:
  scopes:
    read:jira-work:
      allowImpersonation: true
    read:task:confluence:
      allowImpersonation: true

Now, in my manifest.yml, I also have providers configured for Google and Bitbucket:

providers:
  auth:
    - key: google
      name: Google
      scopes:
        - "profile"
        - "https://www.googleapis.com/auth/userinfo.email"
        - "https://www.googleapis.com/auth/calendar.readonly"
    ...

These providers work fine in other Forge modules.

My question is:
Is there any way to make these Forge providers also available inside a Webtrigger similar to how Jira and Confluence REST APIs are accessible via api.asUser()?

Basically, I’d like to call Google’s API on behalf of the user (using the existing provider authorization) directly from the Webtrigger (with custom auth) context.

Has anyone tried this or found a workaround for using Forge providers within Webtriggers?

2

Hi @PeterSkriba, unfortunately this is not possible today as third party providers only support online asUser which requires user context associated with the invocation and this is only true for resolvers for front end modules. In other words, you can only do this for invocations that are triggered by an action from the end user.

There is this open feature request which talks about bringing offline user impersonation to third party providers though - Jira, I would recommend making a comment on the ticket explaining your use case and upvoting the ticket.

3 Likes