Check for Confluence group membership to drive access to custom UI elements

I would like to restrict a button in my custom UI to members of a specific Confluence group.

I’ve created the group and added myself on my developer testing site. If I hit the URL for that in my browser, I can see the expected output. However, when I try to use the API in my code, either as app or as user, I am denied access. I can’t figure out what permission or setting I should change to get the access I am after.

        const response = await api.asUser().requestConfluence(
            route`/wiki/rest/api/group/${GROUP_NAME}/member?limit=50&start=${start}`
        );

The response indicates a 401. I also tried it, as I mentioned, asApp() and received a 401.

I have the following in my manifest:

    permissions:
      scopes:
        - read:confluence-user
        - read:confluence-groups
        - storage:app

… so I would expect the app to be able to request the endpoint I’m hitting. I would prefer to not rely on the user’s permission, even if I could get that to work. Any ideas?

What endpoint are you trying to reach? It seems closest to get group members, but the syntax is different (that endpoint uses the group ID and not name and also membersByGroupId).

I’d suggest looking from the other direction and using get group memberships for user and checking the results for the current user ID (assuming the specific group has a fixed and known ID, though you could use the name in this case).

Thanks! I was able to switch the API call to group memberships for user and that worked out fine.

    const response = await api.asApp().requestConfluence(route`/wiki/rest/api/user/memberof?accountId=${accountId}`, {
        headers: {
            'Accept': 'application/json'
        }
    });
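The membership check from the last reply, written so it can be enforced on the backend rather than only used to hide the button. This is an added example, not code from the thread: it pages through the `memberof` results and fails closed on any non-200 response such as the 401 described above. `fetchPage`, the group name `button-admins` and the sample data are assumptions made for illustration.

```javascript
// Added example. fetchPage(accountId, start, limit) is a hypothetical adapter
// that resolves to { status, body }. In a Forge resolver it would wrap the
// call from the thread:
//   api.asApp().requestConfluence(
//     route`/wiki/rest/api/user/memberof?accountId=${accountId}&start=${start}&limit=${limit}`)
// with accountId taken from the resolver's request context, never from a
// value the custom UI sends, since the client controls that payload.
const PAGE_SIZE = 50;
const MAX_PAGES = 20; // hard stop so a malformed response cannot loop forever

async function isMemberOfGroup(fetchPage, accountId, groupName) {
  if (typeof accountId !== 'string' || accountId.length === 0) return false;
  for (let page = 0; page < MAX_PAGES; page++) {
    const start = page * PAGE_SIZE;
    const { status, body } = await fetchPage(accountId, start, PAGE_SIZE);
    // Fail closed: 401/403/5xx or an unexpected body means "not authorized".
    if (status !== 200 || !body || !Array.isArray(body.results)) return false;
    // Exact match on the group name returned by the API.
    if (body.results.some((g) => g.name === groupName)) return true;
    if (body.results.length < PAGE_SIZE) return false; // last page reached
  }
  return false;
}

// Constructed sample data: 51 groups, the restricted one on the second page.
const sampleGroups = Array.from({ length: 50 }, (_, i) => ({ type: 'group', name: `team-${i}` }))
  .concat([{ type: 'group', name: 'button-admins' }]);

// Stand-in for the Confluence call so the example runs offline.
function makeFakeFetch(groups, status = 200) {
  return async (_accountId, start, limit) => ({
    status,
    body: status === 200 ? { results: groups.slice(start, start + limit), start, limit } : null,
  });
}

async function demo() {
  return {
    member: await isMemberOfGroup(makeFakeFetch(sampleGroups), 'acct-1', 'button-admins'),
    nonMember: await isMemberOfGroup(makeFakeFetch(sampleGroups), 'acct-1', 'other-group'),
    denied: await isMemberOfGroup(makeFakeFetch(sampleGroups, 401), 'acct-1', 'button-admins'),
  };
}
```

Any backend action the button triggers should call the same check again, because hiding the button in the UI does not stop a direct call to the resolver.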