External OAuth Api as app

In Forge I can authenticate with an external API using Auth by using the https://developer.atlassian.com/platform/forge/manifest-reference/providers/#advanced-bearer-method module. This works pretty nice but as far as I understand these work only in the user context by calling api.asUser().requestProvider(…) but not in the app context by calling api.asApp(). Which means as I understand I can’t use external authenticators in queued jobs or scheduled jobs.

Is this a feature that is possible or planned?


As you’ve discovered, external auth only supports asUser() at the moment and the backend functions of Forge only support asApp().

It’s something we’re keen to support in future but we don’t have any current plans.

If your external API supports the client credentials flow perhaps you could store the credentials in Forge’s secret storage and use that from your backend functions?


Ok I’m implementing device flow manually for now and store the token and refresh token in the storage api as secrets. That should work.

1 Like