Using AuthenticatedAsAddon returns 401

Hi Java devs

I am currently facing an issue using the atlassian framework and specifically
(With authenticatedAs(user) it is ok)

On my app Jira, I want to do CQL (for Confluence) call with (/api/search/cql) where issuer is the host.

The call fails with 401 UNAUTHORIZED.

The “culprit” is JwtGenerator which builds the token

        JwtBuilder jwtBuilder = new JwtBuilder(expirationTime)
                // .audience(host.getClientKey()) -- TODO Figure out whether we can / should set this?

The given host is the confluence host, but the addonDescriptorLoader.getDescriptor().getKey() returns the Jira addon key !
If I dynamically put the Confluence addon key, it works fine.

So the question is: did somebody find a workaround ? How ? (Fork atlassian source, tweak spring loader, wait for atlassian fix, …)
Any hint is welcomed.


Hi @LaurentNonnenmacher, I would like a bit more context here.

Is it correct that you have two Connect apps with different keys that you are backing by a single Spring Boot service using atlassian-connect-spring-boot? If so, that isn’t really a use case we support.

1 Like


We have actually 2 Springboot apps (so with 2 distinct atlassian-connect app).
And one “Jira” springboot app should retrieve data from Confluence instance (via connect rest API), without using a user, but only the AtlassianHost.

@LaurentNonnenmacher if you have two different Spring Boot applications running, I imagine you could do this either

  1. by sharing a database and using different tables to back AtlassianHostRepository (seems hacky).
  2. having the two apps communicate, i.e. proxying your requests from your Jira app to Confluence via your Confluence app.


Sharing the database will not solve the connection from Jira SpringBoot and Confluence Cloud API instance.

But agree on the second point.