I am developing an app in Forge that has the following permissions (a bit redundant, yes, I was trying to cover all flanks):
permissions:
scopes:
- search:confluence
- read:confluence-user
- read:confluence-props
- read:confluence-content.summary
- read:confluence-content.all
The app is a macro that calls a resolver in the backend. The resolver does a cql search, like this one:
const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/search?cql=ID=${contentId}&expand=version`, {
headers: {
'Accept': 'application/json'
}
});
I understood that using asApp would allow the app to perform the search without checking user approval or permissions, but the user found this message:
Is this the expected behavior or am I missing something?