Getting 403 forbidden error while trying to update story points for an issue using Forge app

Hi all,

I am using Rest API in Forge:

const response = await api.asApp().requestJira(route`/rest/api/3/issue/${issueId}?overrideScreenSecurity=true&overrideEditableFlag=true`, {
    method: 'PUT',
       headers: {
         'Accept': 'application/json',
            'Content-Type': 'application/json'
           },
           body: bodyData
         }) and 
var bodyData = `{ 
  "fields": { 
    "customfield_10026" : ${oldValue}
  } 

to update the story points to a valid number, if user inputs an invalid one. I am getting the below error

  ok: false,
  status: 403,
  statusText: 'Forbidden'

Could you please help me with the same.

Hi @SomaliBanerjee,

Can you share an example of an invalid number? Do you mean, for example, a string or a decimal?

Also, did you check the Json from the response?

When I try to submit a string as Story Points in a scenario which I believe might be similar to your situation so with the field not visible on the Edit Screen, I get this error message:

{
  errorMessages: [
    'Connect app users with "admin" permission and Forge apps acting on behalf of users with ADMINISTER permission can override screen security.'
  ],
  errors: {}
}

When using this in my code:

console.log(await res.json());

This is unexpected but I wanted to check with you if this is the same error message you are seeing before investigating further.

Additionally, based on the API documentation, the override options can only be used when the request is done asUser instead of asApp. This is the sentence that says that:

Forge apps acting on behalf of users with Administer Jira global permission

Caterina