Sure, here is a single users redacted information JSON.
{
type: 'known',
accountId: '<ID>',
accountType: 'atlassian',
email: '<EMAIL>',
publicName: '<NAME>',
profilePicture: {
path: '/wiki/aa-avatar/5d6cd2ca8f0aa30dba0af03c',
width: 48,
height: 48,
isDefault: false
},
displayName: '<NAME>',
isExternalCollaborator: false,
_expandable: {
operations: '',
personalSpace: ''
},
_links: {
self: '<SELF-URL>'
}
}
Any <> tags removed user information, but the profilePicture path is still shown. If i append this to my dev instance baseUrl in browser, it renders the icon.
Attempting to use Atlaskits’ Avatar presents the following error, even if using hard-coded absolute URLS (again <> redacted information):
Content Security Policy: The page's settings blocked the loading of a resource at <baseUrl>/wiki/aa-avatar/5d6cd2ca8f0aa30dba0af03c ("img-src").
Edit I should also point out this is using the get Group members endpoint docs
Using the endpoint you shared above, the path is the same, but _links contains a ‘base’ value that holds the baseUrl - get group members does not include this property