I was going through the two context methods for the Product Authentication API that is asApp() and asUser(). I have read the docs but I can’t actually figure what’s the difference between the two?
In the documentation, it is mentioned that if I am providing the required permissions, the request will work correctly because asApp() will fetch the permissions via the manifest file. Is it because of the fact that if we have defined some permissions in the manifest.yml file, then at the time of loading the app for the first time, the user has to grant access to the required resources.
The above scenario seems to be the most ideal one, then why do someone has to use asUser()? And if someone uses it, then what is the authorization flow?
Say, I want to get the paginated results of the JIRA projects and have defined the required permission in the scopes section of the manifest file. Do we have to define the permissions if we are only using asApp() because if even after using asUser(), the user is prompted for granting the permissions at the initial run, then what is the difference between both of the context methods?
In the examples of the cloud APIs for the various Atlassian products that can be integrated with Forge Apps using Bridge (Jira and confluence are the only options), there are example Forge requests provided after each endpoint. In there, mostly everywhere asUser() method is used. Is there any specific reason behind that? And I have seen examples in which for the same REST API endpoints,asApp() is used. Why is that?
Waiting for the team’s response so that the things can get clearer for me