We have created a new OAuth 2.0 (3LO) scope
readonly:content.attachment:confluence that gives 3LO apps permission to download attachments. Furthermore, we have created a new endpoint that can be used to download a content attachment.
Calling the endpoint will return a
302 redirect to a URL that can be accessed to directly download the file attachment.
See the details of the new endpoint in the documentation when it is available.
3LO apps are not intended to access the Confluence UI link for downloading an attachment (
/wiki/download/attachments/<contentId>/<filename>?api=v2 ). 3LO apps should always use the documented REST API, accessed through the
Nonetheless, they had previously been able to access this link to download an attachment. We recently released changes that removed 3LO apps’ ability to use this link, which broke any app that relied it. Developers communicated to us the impact of our changes in a number of Community posts:
- Downloading attachments content using OAuth2 from the Confluence
- Getting 503 error while calling confluence API - #24 by VivekGupta
- How can i get attachement(img) with oauth?
In order to restore this functionality and address the impact, we have created a new documented endpoint and respective OAuth 2.0 (3LO) scope.
Developers who rely on the ability to download attachments should use the new Download attachment endpoint.
The endpoint will be available on Thursday, 29 July.