Cross product user impersonation

I want to make REST requests to Confluence from Jira cloud. Right now I’m doing an approach where I have two add-on descriptors, one for Jira and one for Confluence, then direct the user to install the other instance if they haven’t already. However, I think it’s kind of poor UX, so I’d really like to just have one add-on, and I’m wondering if it’s possible to make requests to Confluence from the Jira ‘add-on’ using the 2LOi OAuth User Impersonation described here. Specifically, I’m hoping to hear from someone that has accomplished this since the documentation seems to be a bit contradictory. Thanks in advance!

1 Like

hi @JanetCarr,

I am looking for a very similar solution (although in the opposite direction):

I was able to perform full OAuth 2.0 (3LO) dance using cURL. Read my latest comment and try to follow the documentation (it was updated lately).

Now I’m mostly concern about this:

Note that making your app public does not make it available on the Atlassian Marketplace. Listing a OAuth 2.0 (3LO) app on the Atlassian Marketplace is currently not supported.

Additionally: your two-apps solution intrigued me. With OAuth I have to ask each and every user to authorise. With two apps I only have to convince admin to make two installs.

I am just curios how do you link these separate instances?

ACE for product “A” simplifies making request to the same product by reusing JWT. In other words it’s easy to make a request from JIRA Add-on to JIRA API as long as you a JWT delivered with user request. Having a secondary JIRA Confluence Add-on is not enough as you can’t reuse the same JWT from JIRA.