Jira Connect App test the `ACCESS_EMAIL_ADDRESSES` scope without being whitelisted

Jira Development Jira Cloud
, , ,
1

Hi there,

I’m trying to test out the ACCESS_EMAIL_ADDRESSES scope for a connect app on a dev instance of jira. However the moment I ACCESS_EMAIL_ADDRESSES to the scope, the app fails to install with the following error:

Could not install the file https://91d3-35-236-90-71.ngrok-free.app/atlassian-connect.json. Check that the file is valid.

Is there a way for me to test this endpoint on a dev instance of jira without first being whitelisted for the endpoint? My team is getting the rest of the information required for whitelisting (privacy policy, etc) ready but I do not want to block development on that.

For more context, this atlassian-connect.json file fails to install because it requests the ACCESS_EMAIL_ADDRESSE scope:

{
  "name": "Hello World",
  "description": "Atlassian Connect app",
  "key": "com.riadalabs.jira.plugins.notificationassistant",
  "baseUrl": "https://91d3-35-236-90-71.ngrok-free.app",
  "vendor": {
    "name": "Example, Inc.",
    "url": "http://example.com"
  },
  "authentication": {
    "type": "jwt"
  },
  "lifecycle": {
    "installed": "/install",
    "uninstalled": "/uninstall"
  },
  "scopes": [
    "read",
    "ACCESS_EMAIL_ADDRESSES"
  ],
  "apiVersion": 1,
  "modules": {
    "generalPages": [
      {
        "url": "/helloworld.html",
        "key": "hello-world",
        "location": "system.top.navigation.bar",
        "name": {
          "value": "Greeting"
        }
      }
    ]
  }
}

And this file is identical to the one above, except that it does not request the ACCESS_EMAIL_ADDRESSES scope.

{
  "name": "Hello World",
  "description": "Atlassian Connect app",
  "key": "com.riadalabs.jira.plugins.notificationassistant",
  "baseUrl": "https://91d3-35-236-90-71.ngrok-free.app",
  "vendor": {
    "name": "Example, Inc.",
    "url": "http://example.com"
  },
  "authentication": {
    "type": "jwt"
  },
  "lifecycle": {
    "installed": "/install",
    "uninstalled": "/uninstall"
  },
  "scopes": [
    "read"
  ],
  "apiVersion": 1,
  "modules": {
    "generalPages": [
      {
        "url": "/helloworld.html",
        "key": "hello-world",
        "location": "system.top.navigation.bar",
        "name": {
          "value": "Greeting"
        }
      }
    ]
  }
}

Can someone please clarify this for me? Thank you!

2

@ibuchanan would you happen to have any insight here? Thanks!

3

Not that I’m aware. Sorry that’s blocking your team.

1 Like
4

Thanks for the clarification @ibuchanan. You’ve been super helpful last few days.

I’ve got one more follow up:

Is there a way to deterministically tell that my app installation is failing because the key is not whitelisted? The error I receive when installing my app is very generic, and the json validator tool seems to be down:

Could not install the file https://91d3-35-236-90-71.ngrok-free.app/atlassian-connect.json. Check that the file is valid.
1 Like
5

Yes there is… there is a magic app key that can be used for development. Just create a ticket here: Jira Service Management and explain your situation. No need to fill in everything with actual values. The team will provide you with the details.

I’m not going to share it here because it basically undermines the entire process to even have such a key, but even with Atlassian having a policy on paper is more important than actually implementing it :man_shrugging: