Hi. I’m trying to get image from confluence contents.
I made some app and i using oauth2.0 for user auth.
So… i want take attachement(img) like this url.
Hi @GeunCheolYeom , we’ll continue to monitor vendor asks and reassess the priority for all open tickets based on votes amongst other critical projects the developers are working on. As of now, we do not have an ETA for this issue.
Also, we didn’t break anything as downloading attachments via 3LO was never a supported feature. We did a vulnerability patch which broke vendor apps using undocumented download attachment API. Those download links were and continue to work using Basic Auth.
It’s one thing to make this change intentionally, especially in the name of security, but to deny that you broke something is absurd (particularly when you have not provided an alternative solution). Try asking Linus Torvalds when it’s ok to break user space in Linux, for any reason, including bug fixes.
Any healthy platform and its APIs should look to the wildly successful Linux kernel (or any of the major OSs for that matter) for best practices around the handling of regressions. Atlassian seems to lack a consistent culture in regards to viewing your platform this way, and your ecosystem suffers greatly because of it.
It is true that this was an abrupt change, which we sometimes have to do for security reasons. We have an alternative in the works in order to address this gap specifically with downloading attachments, but it will take a bit more time to complete. We are in no way denying that the change may have broken the experience for vendors and customers, but we are specifying that the documented approach should be to use the API gateway rather than direct tenant access for exactly cases such as this. In any case, we are sorry for the impact this has caused and are working to remedy it.