Do forge apps have to have the User identity API permission

I’ve been building a confluence macro with a custom ui using forge. It will actually just be loading in and displaying some external functionality.

It seems though that I don’t have control over the use of the “read:me” permission. Even though I’ve defined scopes: in the mainifest the read:me permission is always added. As such, the macro doesn’t actually work unless each use who tries to use/view it on a confluence page allows access for the forge app to view their user identify which it suggests could “Share data with unlimited locations outside of Atlassian.” which is not what this app does at all, and I don’t know why it is suggesting that it is.

Is anyone able to advise why this behaviour is happening?

1 Like