Hi all,
Like the other Marketplace partners, I am rather disappointed with this announcement.
Many apps, including ours, has already been acting as an app and potentially having wider permissions compared to a user. I want to highlight that the privacy concern raised is not a new concern.
Apps can be a vital part of the content strategy in Confluence. The content of the pages might lose a lot of relevance when the apps are blocked. To me, this looks like apps are considered a non vital part of Confluence, which I (and I would guess the entire Marketplace ecosystem) obviously disagree with. This is almost as if Atlassian was discouraging the use of apps.
I can imagine that some of your customers will be quite disappointed too. Some of these customers have reached out to Marketplace partners and asked if the guest access will work with our apps. Based on the information we had, we have answered them. Something that was working before, will no longer work when these changes come into effect. Don’t #@!% the customer.
Since the main concern highlighted in the RFC is the privacy concern, perhaps it would make sense to clarify to the privacy team how the app authentication works already today.