It might work through GraphQL using requestGraph
but I havenât tried it myself. It seems suspicious because there are no Forge scopes.
@ibuchanan , I think your suspicions are partly correct.
I can use the requestGraph function to call the teams api and get some results
const variables = ''
const headers = ''
const orgQuery = `query myConfluenceApp_user_getCloudId {
tenantContexts(cloudIds:["${req.context.cloudId}"]) {
cloudId , orgId
}
}`
const orgResult = await api.asApp().requestGraph(orgQuery, variables, headers);
const data = (await orgResult.json()).data
console.debug("Orgs result", orgResult.status,data ,data.tenantContexts[0].orgId )
const orgId = data.tenantContexts[0].orgId
const query = ` query jiraTeams { team @optIn(to: "Team-search-v2") {
teamSearchV2(organizationId:"ari:cloud:platform::org/${orgId}" , siteId:"${req.context.cloudId}") {
nodes {
memberCount
includesYou
team {displayName id
members {
nodes {
state
role
member { id name}
}
}
}
}
}
}
}`
const result = await api.asApp().requestGraph(query, variables, headers);
This gives some details on the team
memberCount: 2,
includesYou: false,
team: {
displayName: 'Team 1',
id: 'ari:cloud:identity::team/bc09f6f5-b578-4e22-b139-063afa4291f5',
members: { nodes: [Array] }
}
}
However, if we look at the members of the team I canât get those details and run into a scope issue.
[
{ state: 'FULL_MEMBER', role: 'ADMIN', member: null },
{ state: 'FULL_MEMBER', role: 'REGULAR', member: null }
]
The graphql call does give descriptive errors.
{
message: 'This request does not contain the right authorisation scopes to access this field',
locations: [],
path: [
'team',
'teamSearchV2',
'nodes',
'team',
'members',
'nodes',
'member'
],
extensions: {
requiredScopes: [Array],
providedScopes: [Array],
statusCode: 403,
classification: 'InsufficientOAuthScopes',
aggUgcPiiSafe: true,
errorSource: 'GRAPHQL_GATEWAY'
}
}
] {
requiredScopes: [ 'identity:atlassian-external' ],
providedScopes: [
'read:jira-work',
'view:team:teams',
'storage:app',
'view:membership:teams',
'read:user:jira',
'read:avatar:jira',
'read:project:jira',
'read:jira-user',
'read:group:jira'
],
statusCode: 403,
classification: 'InsufficientOAuthScopes',
aggUgcPiiSafe: true,
errorSource: 'GRAPHQL_GATEWAY'
}
The problem is that forge doesnât support the scope âidentity:atlassian-externalâ , on forge deploy(even with no-verify) or lint it gives this error
39:6 error Invalid 'scopes' permission in the manifest.yml file - 'identity:atlassian-external'. Learn more about permissions at: https://go.atlassian.com/forge-permissions. valid-permissions-required
My question: Why is this scope not supported in Forge? Without this how can an App use Teams?