I’m encountering an issue where I cannot load the space icon on my Custom UI in an Atlassian app. The request to Confluence for fetching the icon is consistently returning a 401 Unauthorized
error with the message: "Unauthorized; scope does not match"
.
The manifest.yml:
permissions:
scopes:
- write:jira-work
- storage:app
- read:jira-work
- read:jira-user
- read:project:jira
- read:page:confluence
- read:confluence-space.summary
- read:confluence-props
- read:confluence-content.all
- read:confluence-content.summary
- read:space:confluence
- read:attachment:confluence
- readonly:content.attachment:confluence
The code I am attempting (on the resolver side where I am able to make other requests):
const request = await api
.asApp()
.requestConfluence(
route`/wiki/download/attachments/2359298/Cloned?version=2&modificationDate=1723896711039&cacheVersion=1&api=v2`,
);
Issue:
The error suggests a scope mismatch, but I’m unsure which scope is missing or incorrectly configured. I’m trying to display a project icon in the Custom UI using an avatar, and I believe the read:space:confluence
and read:attachment:confluence
scopes should cover the request.
Steps to Reproduce:
- Use the provided manifest and permissions.
- Attempt to fetch the icon via the code snippet in a Custom UI environment.
- Observe the
401 Unauthorized
error.
Expected Behavior:
The space icon should load successfully and be displayed on the Custom UI using the provided Avatar
component.
Actual Behavior:
The request fails with a 401 Unauthorized
error, preventing the icon from loading.
Could you please help identify what is wrong with the current setup or suggest the necessary scopes to allow the icon to load successfully?
[edit]
If I try:
const da = await api
.asApp()
.requestConfluence(
route`/wiki/rest/api/content/2359298/child/attachment/att2359384/download`,
);
I get the error: PROXY_ERR: Forge platform failed to process runtime HTTP request - 403 - BLOCKED_EGRESS
Thank you!