Hey Forge community,
I’m excited to share some news with you! Recently my team has been working on a new Forge feature: External Auth . There has been some discussion about OAuth2.0 integrations, so we wanted to let you know what you can expect us to deliver by the end of the year.
What is it?
External Auth is a new feature that will let you authenticate an OAuth2.0 provider with minimal configuration.
This feature will:
- Connect your Forge apps to a 3rd party from multiple Atlassian products and share the auth between them seamlessly.
- Store service and account credentials in a secure, encrypted way which was verified with strict compliance procedures and rigorous security reviews.
- Fetch and refresh OAuth2.0 tokens automatically.
- Easily use OAuth tokens in requests from your Forge functions.
External Auth will support some popular service providers such as Google, Dropbox, Miro, Slack, GitHub, and Azure DevOps out of the box, and also has the ability for you to define fully custom OAuth2.0 Providers for any service that adheres to the OAuth2.0 protocol!
Note: for external providers this feature will only support the “Authorisation Code Flow”, and won’t support the “Client Credential Flow”. For more about OAuth2.0 flows visit: Which OAuth 2.0 Flow Should I Use?
Example use cases
- Creating Google Calendar entries from Confluence: External Auth will remove the need to manually handle the user’s OAuth tokens in your application code.
- GitHub pull request status from Jira: External Auth will remove the need to manually handle the user’s OAuth tokens in your application code.
Should we support more providers out of the box?
Let us know by completing this Google Form.
If there’s enough of an ask for providers we haven’t included yet, we’ll consider adding them to our “out of the box” supported list.
Have any questions, comments, or concerns? Let us know! Leave them below or reach out to me on:
Calendly: Nir Nikolaevsky - Book a call