Error while calling invokeRemote with unlicensed JSM user (e.g customer)

I have a portal app that is shown in the portal footer. In the manifest file, I have declared “unlicensedAccess” with “unlicensed” and “customer”. Also, I am using remote backend and declare an endpoint (which sends appUserToken and appSystemToken) as resolver. The UI only call “invokeRemote” from “@forge/bridge”

The problem is when licensed JSM users(e.g admin) call “invokeRemote” successfully and I can see appSystemToken and appUserToken at the remote backend but unlicensed JSM users see an error at the UI. The error message is like “Error: Expected reject to be called with Error, got [object Undefined]”.

I know that unlicensed JSM users can’t send asUser requests as mentioned in https://developer.atlassian.com/platform/forge/access-to-forge-apps-for-unlicensed-jsm-users/ but I expected to see that they can call “invokeRemote” successfully but send only appSystemToken to the remote backend.

Hi @HseyinErbayraktar , are you able to give me a traceId of a request? or your appId so I can look into this further?

Hi @BoZhang, traceId is 8ba247cdf1e54eefb413bb56fbffd74c

Hi @HseyinErbayraktar, thanks for raising this, it looks like there is a bug that makes specifying appUserToken enabled incompatible with invocations for unlicensed users. I will look at getting a bug fix in as soon as possible. Sorry about the inconvenience.

1 Like

Hi @BoZhang, thanks for your help. Is there any bug report link to follow the process?

Hi @HseyinErbayraktar , here is the link to the ticket for the bug https://jira.atlassian.com/browse/ECO-602

1 Like

Hi @HseyinErbayraktar , I believe that a fix should be available now, are you able to verify that it’s working on your side?

1 Like

Hi @BoZhang, I tried the scenario written in the description again, but this time I got another error.

The error occurs when remote backend try to validate “Forge Invocation Token”. The error message is like below.

The JWT is not yet valid as the evaluation time NumericDate{1736162569 → Jan 6, 2025, 11:22:49 AM UTC} is before the Not Before (nbf=NumericDate{1736162571 → Jan 6, 2025, 11:22:51 AM UTC}) claim time (even when providing 1 seconds of leeway to account for clock skew).

Rarely, I don’t get this error and everything works fine.

Hi @BoZhang, The reason for the error is that my computer’s clock is 1-2 seconds behind. After synchronizing everything works fine. Thanks for your help.

Thanks for confirming, I am glad that it’s working for you now :slight_smile: .

1 Like

Hi @BoZhang , I got similar error when a user with account type is “customer” calls “requestJira” function from “@forge/bridge”. The error message is “Error: An unexpected error occurred when fetching an auth token”.

In my scenario, The user only calls “requestJira(‘/rest/api/3/myself’)” but this request throws error. When I run this request in a new browser window(/rest/api/3/myself), the request is completed successfully.

I expected to see that user with account type is “customer” can call “requestJira” successfully.

I can’t share a traceId because the request doesn’t appear in the app logs.

Hi @HseyinErbayraktar, to keep the posts on this thread relevant to the original question, are you able to create another thread for this question? If you could provide me with an appId so I can have a look at the logs in your post that would be great. Thanks!