Content permission check returns 401: Unauthorized; scope does not match

Forge Forge UI Kit and Custom UI
, ,
1

Hi,

I’m trying to check if a user has update (edit) permission on a page within a forge app. According to the documentation the following permission scope is required: read:confluence-content.permission

But this results in a 401: Unauthorized; scope does not match error.

I’ve also tried adding the granular scope, still 401. The only thing that seems to work is adding both the classic and granular scope from the documentation, BUT after accepting the required permissions, Confluence presents me with a “Something went wrong” error screen (reproducable). After refreshing, the permission were accepted anyways… but it is not really user friendly.

image
image453×503 17 KB

Permissions used:

permissions:
  scopes:
    - read:confluence-content.permission
    - read:space.permission:confluence
    - read:page:confluence
    - read:confluence-content.summary

Both permissions scopes seem to be required, but result in an error when accepting.

  1. Is this a known bug?
  2. Is there a way to not get this error?
  3. And can someone please update the documentation?

FYI I’m using the example code from the endpoint documentation.

Thanks in advance!

Rick

2

Hi @rick.van.twillert,

I tried this out using the following snippets

permissions:
  scopes:
    - read:confluence-content.permission

    contentPermissionCheck = async () => {
        var bodyData = `{
            "subject": {
              "type": "user",
              "identifier": "{accountId}"
            },
            "operation": "update"
          }`;
          
          
          const response = await api.asUser().requestConfluence(route`/wiki/rest/api/content/{contentId}/permission/check`, {
            method: 'POST',
            headers: {
              'Accept': 'application/json',
              'Content-Type': 'application/json'
            },
            body: bodyData
          });
          
          console.log(`Response: ${response.status} ${response.statusText}`);
          console.log(await response.json());        
    }

and got the expected response of

INFO    03:07:23.055  b862a15018f7a6d4  Response: 200 OK
INFO    03:07:23.057  b862a15018f7a6d4  {
  hasPermission: true,
  errors: [],
  _links: { base: 'https://myinstance.atlassian.net/wiki', context: '/wiki' }
}

Based on these results, I can say that the scope read:confluence-content.permission is sufficient for this API.

To have a better understanding, can you share code snippets on how you are using the API?

Cheers,
Ian