And here is the response from Jira and Confluence on it:
// Jira
{
errorMessages: [
'An error occurred: com.atlassian.idp.client.exceptions.AuthorizationException: {"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"status":"403","detail":"You do not have permission to make this request.","errorType":"InsufficientPermissions","message":"You do not have permission to make this request."}'
],
errors: {}
}
// Confluence
{
statusCode: 500,
message: 'com.netflix.hystrix.exception.HystrixRuntimeException: CreateGroupIdentityPlatformCommand failed and no fallback available.'
}
P.S. With the same app I can create Project/Space and do a lot of other thing, however it fails on group creating
Hi @danielwester
and thank you for the prompt answer!
Hm…Grant app site admin is also an option. Cause it’s custom development for a particular client.
Unfortunately, I do not know where to change it. Can you suggest how to do that?
The app already has access to create groups (granted by ‘manage:jira-configuration’)
Seems I need to grant the app to do actions on behalf of me. How to make it? The last time I clicked smth like that was fired by UI forge’s element, now app w/o any UI.
And the corresponding output in the forge tunnel console:
INFO 05:19:40.011 0f3932111cd03e65 { name: 'ForgeGroup' }
INFO 05:19:42.733 0f3932111cd03e65 Response: 201 Created
INFO 05:19:42.733 0f3932111cd03e65 {
type: 'group',
name: 'forgegroup',
id: 'e5ea7c12-40ef-4343-9222-b19f4712b28c',
_links: {
self: 'https://<site>.atlassian.net/wiki/rest/experimental/group/forgegroup',
base: 'https://<site>.atlassian.net/wiki',
context: '/wiki'
These are the scopes of the app (note that I also have the read:confluence-groups one because I’m also requesting a GET /wiki/rest/api/group in the same app but that can be removed if the app doesn’t require that:
I’m not really sure about what might be happening here, but I would suggest trying to isolate the issue by running a new app with just the required method and scopes and make sure that it’s deployed and installed with those scopes. Or maybe try to uninstall (forge uninstall) and re-install the app.
I made it with a Basic Auth request as a temporary, but working solution.
So plugin installation will require an additional step to add a personal token to store it securely.