I have read the announcement regarding the new Data Security Policy and the developer guide. I would like to inquire whether there are plans to support this feature in Connect applications. I identify two areas where such support would significantly facilitate the integration of the add-ons:
- Conditions in the Atlassian Connect descriptor: The add-on should refrain from attempting to draw components (headers, footers, menu entries) in spaces where it lacks data access. I am uncertain whether Atlassian intends to automatically conceal these components for unauthorized spaces or if it is a responsibility that the add-on needs to assume. In the latter case, incorporating conditions in the descriptor to verify the circumstances would simplify the process of hiding these components in spaces where the add-on lacks access.
- Webhooks: Add-ons should not receive webhook messages for content to which they lack access. This approach would streamline the logic in the webhooks and prevent unnecessary errors when attempting to access data that is inaccessible.
Best regards
Iñaki Ibarrola