Weekly GDPR API status development - May 10

akassab · May 10, 2019, 10:15pm

Update on the roll out of new Bitbucket Cloud, Jira Cloud and Confluence Cloud APIs

Bitbucket APIs Bitbucket APIs will start rolling out the new APIs to a small cohort of customers starting next week.

Jira APIs we started rolling out Jira APIs and after initial launch found a bug that affected the whitelist we were using to prevent apps signaling gdpr:false from being affected. We rolled back the roll out to address the bug. We anticipate the fix to be in place next week and the roll out to resume on 2019-05-12T23:00:00Z

Confluence APIs will not change until May 29, 2019 9:00 AM .

Next up: Profile Visibility Controls

The API roll out mentioned above will not affect the profile data returned thru user objects. If you’ve tested the API behaviors using the Jira REST header x-atlassian-force-account-id:true and/or Confluence query parameter privacyMode=true and the Atlassian Connect descriptor flag gdpr:true , then you should be familiar with the changes that will start rolling out next week.

Following the roll out of the new APIs, we intend to release a new feature for Atlassian Account which may change the data returned thru user objects. Certain fields like timezone and email address may be hidden by a user and not return in the user object. Additionally, the user may decide to show only public versions of their name or avatar.

All of these changes including the default settings are documented in these guidelines .

If you are interested in testing profile visibility controls before we release them (target end of May) we can set up a developer instance for you. Please raise a DEVHELP ticket . We intend to close the testing window on May 16, 2019 .

If your app requires use of email address to provide core functionality, please raise a request to access the email API. Should you use the email API without raising a request your app may be prevented from being installed .

Thank you

As always, thank you for working with us through these changes. Its been a large amount of work to complete in a short timeframe and we appreciate you helping us deliver a more trusted experience for customers.

maciej.dudziak · May 14, 2019, 9:05am

Two of our apps are still blocked, one by [ACJIRA-1768] - Ecosystem Jira, the other by [ACJIRA-1773] - Ecosystem Jira

david2 · May 15, 2019, 2:44pm

Hi @akassab,
apparently, a new GDPR regression was found: [JRACLOUD-72051] Wrong mail header when triggering notifications via issue/notify API - Create and track feature requests for Atlassian products.. This is a problem for our Email Issue post-function.

daniel2 · May 15, 2019, 9:04pm

We are also waiting for [ACJIRA-1768] - Ecosystem Jira

maciej.dudziak · May 16, 2019, 1:33pm

Hi @akassab what is your recommendation, what to do with blocked apps? Should I release new versions even if they contain problems not resolved or maybe rollout will be postponed ?

akassab · May 17, 2019, 9:18pm

@maciej.dudziak - please continue to signal that you are blocked using the Atlassian Connect app descriptor gdpr:false.

We are aware that ACJIRA-1768 hasn’t been rolled out yet. I don’t have an ETA from the Jira team on when it will be fixed but will provide an update ASAP.