I try to develop an app using Atlassian Connect. One thing is still unclear to me - how do I store security context for my app?
I have a basic app, with atlassian-connect.json, its all ok. The app is installed to our test env. This guide (https://developer.atlassian.com/cloud/bitbucket/authentication-for-apps/) states that “When an administrator installs the app in an Atlassian cloud instance, Connect initiates an “installation handshake”: it invokes the endpoint, passing a security context. You must then store this security context for future use.” How do I store this security context?
Does this mean that “/installed” endpoint should be a POST method endpoint waiting for the “handshake”? Because as of now, there is no “/installed” endpoint created by me (I suppose it is implicitly created by Connect?) and the app has been sucessfully installed.
We cannot use Jira REST API yet as the JWT is not created, because I dont know how to get the “secret” from installation handshake.
Many thanks for a little push with reading the security context from installation handshake