Duplicate clientKey in the wild

Hi all,

I thought I’d share that we ran into a case of two different Jira Cloud servers with the same unique clientKey. Apparently they were both restored from the same Jira on-premise server several months back.

Hi @mark, this is a long-standing known issue.

Per the documentation of the clientKey field:

Identifying key for the Atlassian product instance that the app was installed into. This will never change for a given instance, and is unique across all Atlassian product tenants. This value should be used to key tenant details in your app. The one time the clientKey can change is when a backup taken from a different instance is restored onto the instance. Determining the contract between the instance and app in this situation is tracked by AC-1528 in the Connect backlog.

Hi @epehrson,

I think this is different.

We’ve experienced the issue described in AC-1528 (clientKey sometimes changes) and detect for it.

The clientKey has not changed in this case. Instead, two totally different base URLs (customer1.atlassian.net, customer2.atlassian.net) BOTH have the SAME clientKey.

1 Like

Hi @epehrson,

Oh! I found a resolved ticket that describes the situation AC-2247:

Exports now include the clientKey from old instances.
Imports will copy the client key into the database, to be supplied on future requests
Connect add-ons can now break easily as they may start seeing two base urls for the same ‘unique’ key

It is resolved, but…

Instances that have been migrated during the period where the client key was copied over may still be effected if they havent been resolved with a support request.

So that’s probably what we’re seeing.

3 Likes

Cross posting this as well Multiple clientKeys for the same Jira Cloud instance