Failed to validate FCT: 'accountId' claim mismatch

Hello,
A strange bug appeared in the Forge UIkit app today.

Failed to validate FCT: 'accountId' claim mismatch

The strange thing is that only certain users are affected. No permision changes have been made.
Any ideas?

Hi @ArasKucinskas,

Are you seeing this with a specific module or all modules? Which product is your app installed into?

This will help us get the right people involved to resolve this.

Thanks

We are experiencing the same problem with Jira custom field type edit modules in our UI Kit app. It seems to happen together with probles related to NEEDS_AUTHENTICATION_ERR Spike or maybe it is also related to the active incident
here: Atlassian Developer Status - User impersonation for Connect apps is not working
Looks like I need to open another ticket here.

Hi @CPS,

Please do open another ticket if you’re still experiencing the problems.

Meanwhile, could you provide a traceId and your manifest.yml file? Please redact all of the sensitive information from your manifest.yml file, I mainly want to see:

  • the module and its properties
  • permissions of the app.

Is the Jira Custom Field Type forge app also being used in a Jira Service Management board?

Thank you,
Camelia

2 Likes

Hey Camelia,

thank you for looking into this.

This is the stripped down manifest.yaml:

modules:
  jira:customFieldType:
    - key: x
      name: x
      description: x
      icon: x
      type: string
      collection: list
      function: view
      edit:
        function: edit
      contextConfig:
        function: configureContext
  jira:adminPage:
    - key: y
      function: adminPage
      title: y
      icon: y
    - key: z
      function: adminPage
      title: z
      useAsGetStarted: true
  function:
    - key: view
      handler: index.runView
    - key: edit
      handler: index.runEdit
    - key: adminPage
      handler: admin.runAdmin
    - key: configureContext
      handler: config.runContextConfig
app:
  id: id
  licensing:
    enabled: true
permissions:
  scopes:
    - read:issue-meta:jira
    - read:issue-security-level:jira
    - read:issue.vote:jira
    - read:issue.changelog:jira
    - read:avatar:jira
    - read:issue:jira
    - read:status:jira
    - read:user:jira
    - read:field-configuration:jira
    - read:issue-details:jira
    - read:field.default-value:jira
    - read:field.option:jira
    - read:field:jira
    - read:group:jira
    - read:custom-field-contextual-configuration:jira
    - read:issue-link-type:jira
    - write:comment:jira
    - write:issue:jira
    - write:issue-link:jira
    - delete:issue-link:jira
    - write:custom-field-contextual-configuration:jira
    - write:field:jira
    - read:project-category:jira
    - read:project:jira

It’s a bit hard to provide a traceID since I believe the invocation does not get through to the app / I do not see errors related to that in the logs, but I can message you privately on which customer site this problem occurs.

Thanks again
Christoph

Hi,
Did you ever mange to figure out what the cause of this was? We are experiencing the exact same thing with a jira custom field type in our forge app. Sometimes (it might be happening after some time of inactivity with the browser open) the error occurs. We can circumvent it by doing a refresh with the field in view and then it goes back to normal.
So far we have not figured out a way to consistently reproduce it.

Cheers
Ola