Forge 'Allow Access' endless looping when adding certain scope in manifest

ScottWaiCheeTan · June 11, 2024, 7:46am

Recently, I encountered an issue with my Forge app related to adding certain scopes for the V2 API, which causes an endless loop in granting access.

The scopes I included in my manifest.yml are:

read:embed:confluence
read:database:confluence

When these two scopes are added, the Forge app continuously prompts for access granting and does not proceed past this point.

Additionally, I receive the following error message in my terminal:

[NEEDS_AUTHENTICATION_ERR: Authentication Required] {
  serviceKey: 'atlassian-token-service-key',
  options: undefined,
  status: 401
}

Appreciate it if anyone can assist on this issue.

BoZhang · June 12, 2024, 9:03pm

Hi @ScottWaiCheeTan, could you provide us with the appId for which you are having issues?
In addition are you seeing the issue with these scopes in particular? or is it happening in general for your app?

ScottWaiCheeTan · June 13, 2024, 6:53am

Hi @BoZhang, sure.
appId: ari:cloud:ecosystem::app/80a301ce-07e9-4c66-882a-e5d7aef8c84d
I’m seeing these scopes in particular, when added these scope, the app will keep asking for granting the access.

I was trying it in a newly bootstrapped app using forge create, is a clean apps.

BoZhang · June 17, 2024, 1:05pm

Hi @ScottWaiCheeTan, sorry for the delay and thank you for providing your appId. I had a look at our logs, and it seems that there is indeed an issue with these particular scopes. I will need to bring this up with the Confluence team. I will give you an update once it is fixed.

ScottWaiCheeTan · June 18, 2024, 2:20am

@BoZhang Thanks!

BoZhang · June 19, 2024, 12:55am

Hello, I was able to push some changes this morning and test it on my side. Can you confirm that the issue has been resolved on your side as well?

ScottWaiCheeTan · June 19, 2024, 2:13am

@BoZhang anything require to upgrade from my machine? I updated the latest @forge/cli, the issue still remain from my side with the same behavior

ScottWaiCheeTan · June 19, 2024, 2:33am

I further tried out the changes by removing the access from my “connected apps” & reinstall the app.
right now the app didn’t show the ‘allow access’ looping anymore but it seen like it also didn’t granted any access for the ‘smart link’ & is logging out

code: 401, message: 'Unauthorized; scope does not match'

the app is not asking me any consent for granting the access anymore.

BoZhang · June 19, 2024, 3:12am

Do you get this error when you are trying to call an API that requires the aforementioned scopes?
If that is the case, can you please provide the API that is causing this issue?

ScottWaiCheeTan · June 19, 2024, 3:27am

@BoZhang sorry about that, I make some mistakes on the API call link.
Is working fine now! I can get the information as expected now.

Thanks!