Reporting user personal data - Connect App

Hello All,

In order to report the user personal data for Connect apps using the following API:

POST /rest/atlassian-connect/latest/report-accounts

  • Do we need to notify accounts on a per-client basis?
  • The JWT should be generated for each client based on the combination of shared secret and add-on key.

Is the above assumption/approach correct?

Thanks for your help.

Hi @sfg, the Jira and Confluence personal data reporting API is anchored to a tenant only for consistency with other Jira and Confluence REST APIs. A vendor could use one tenant to send reports for all users if a shared user base exists for multiple tenants. The most important consideration is to ensure all users are reported and that the personal data is erased if directed by the response.

Hello @dmorrow,

Thanks for the reply.
Can you please verify if I got it right?

Current scenario: We have one user database for multiple tenants.

For the purpose of personal data reporting

  1. Can we use any tenant from our database,
  2. Generate JWT token for that tenant
  3. Use that tenant and JWT to report users for multiple tenants.
  4. Can we combine reporting for Jira and Confluence users or do they need to be separate?

Thanks!!

Hi @sfg, can you please tell me how you generate the JWT token for that tenant? Do you invoke this API from your app code somewhere, or do you have a separate job for it outside app code which uses the JWT you create (I’m guessing using shared_secret and client_key, but I don’t know how…please point me to some documentation if you can)?

Please help here.

Hello @farhat ,

We are thinking of invoking this code via a separate job outside of the plugin code. JWT will be created using shared_secret of the tenant.

Reference link:
https://developer.atlassian.com/cloud/jira/platform/understanding-jwt/

Do you have another approach to handle this scenario?

Thanks!!

Perfect. Thanks a lot @sfg. Even I feel that this needs to reside outside of app code, planning to do it in an AWS Lambda invoked by a CloudWatch event every 15 days - separate job.
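
An added example, not part of any post in this thread and not Atlassian's code: a standard-library sketch of the per-tenant JWT discussed above, signed with HS256 using the tenant's shared secret and carrying the `qsh` claim for `POST /rest/atlassian-connect/latest/report-accounts`. The function names, the app key, the secret and the 180-second lifetime are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import time
from urllib.parse import quote

# Path from the thread; for the JWT it is taken relative to the tenant's base URL.
REPORT_PATH = "/rest/atlassian-connect/latest/report-accounts"


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def query_string_hash(method, path, params=None):
    """qsh claim: SHA-256 over METHOD&path&sorted-query (single-valued params only)."""
    pairs = sorted((quote(k, safe="~"), quote(str(v), safe="~"))
                   for k, v in (params or {}).items())
    query = "&".join(f"{k}={v}" for k, v in pairs)
    canonical = f"{method.upper()}&{path or '/'}&{query}"
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def connect_jwt(app_key, shared_secret, method, path, now=None, lifetime=180):
    """HS256 token for one tenant; the 180 s lifetime is an assumption."""
    now = int(time.time()) if now is None else now
    header = {"typ": "JWT", "alg": "HS256"}
    claims = {"iss": app_key, "iat": now, "exp": now + lifetime,
              "qsh": query_string_hash(method, path)}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode("utf-8"))
        for part in (header, claims))
    sig = hmac.new(shared_secret.encode("utf-8"), signing_input.encode("utf-8"),
                   hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify_connect_jwt(token, shared_secret):
    """Check the signature in constant time and return the claims (no exp check)."""
    signing_input, _, sig = token.rpartition(".")
    expected = hmac.new(shared_secret.encode("utf-8"), signing_input.encode("utf-8"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(_b64url(expected).encode(), sig.encode("utf-8")):
        raise ValueError("signature mismatch")
    payload = signing_input.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
```

The token goes in the `Authorization: JWT <token>` header of the POST and must be signed with the shared secret of the tenant whose base URL the job calls.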