Apps are required to migrate to Atlassian AccountID and remove legacy user references (username and user key) by April 29, 2019. For more background on why - please see our first post .
Understanding migration status
We are tracking use of the apiMigrations flag in the Connect App descriptor as a way to understand developer readiness to deprecate username and user key from our REST APIs. This flag serves as both a mechanism to test the new API behaviors (when set to gdpr:true
) and a communication tool to signal when you are blocked (when set to gdpr:false
).
Today, we have 149 apps that have signaled that they are ready for the deprecation, 85 that have signaled they are blocked, and ~480 that have not indicated their status.
In order for us to understand where you are with migration to accountID and use that information to effectively communicate with our product teams we need you to signal your status using the âopt In mechanismâ.
Learn more about how to properly use this flag.
Additional note on optâing into the new API behaviors
The flag described above controls Atlassian Connect behaviors. When optâd in gdpr:true
only the APIs related to Atlassian Connect will change this includes: Inbound Auth, Outbound Auth, App iFrames, App Lifecycle, Webhooks, and JavaScript API. To change the behaviors of Jira and Confluence REST APIs you will need to pass additional header/query parameters on every REST call. The header for Jira APIs is x-atlassian-force-account-idâ:true
. This header is also required to transform change logs from username to accountID. The query parameter for Confluence is privacyMode=true
.
Note: Jira webhooks (query parameters and webhook payloads) still contain user_id
and user_key
even when optâd into the new API behaviors via the connect descriptor. We are planning to address query parameters but not webhook payloads. Please comment below if continuing to receive these soon to be deprecated fields in webhooks during the opt in period creates a critical blocking issue for you.
Recently closed issues
-
Confluence documentation for new REST endpoint for migrations - Jira and Confluence have new migration APIs that are unaffected by the 29 April 2019 deprecation. (See here for Jira: /rest/api/3/migration ) The endpoint for Confluence is documented here.
-
Get current userâs locale ( ACJS-1073) - AP.user.getLocale() is now available. For performance concerns please consider using cacheable app iframes.
Issues with workarounds
The below issues have workarounds and therefore have been de-prioritized from our list of blockers. Please refer to the tickets for more details on the workarounds.
-
Account ID not working in notify resource - This issue was raised in ACJIRA-1746. In order to get accountID in the notify resource youâll need to include the âstrict modeâ header in your REST call (
x-atlassian-force-account-id:true
). -
Jira sidebar fails to render for Project Admin Tab Panel without legacy user context parameters - This issue was raised in ACJIRA-1736. Jira completed their investigation of this issue and discovered that if the order of parameters is changed or any parameters are omitted, then the navigation fails to render. In terms of the upcoming API deprecations it should be possible to include the legacy context parameters to stop the navigation failing to render. Jira will look into improving the handling of parameters for this feature but that may not be done before the planned deprecation of legacy user references.
-
Jira PD Cleaner converting user strings that are not exact usernames to âunknownâ - This issue was raised in ACJIRA-1712 but now is being tracked in ACJIRA-1725. The guidance from the Jira team at this time is to manually convert expressions that cannot be automatically converted by the PD Cleaner.
-
Jira does not recognize issue entity property aliases - This issue was raised in ACJIRA-1723. The guidance from the Jira team at this time is the same as the above (manually convert expressions that cannot be automatically converted by the PD Cleaner).
-
Jira does not have an API to edit workflows -This issue was raised in ACJIRA-1718. The guidance from the Jira team at this time is to update post function data from its configuration form.
-
Problem exporting / importing user data in Jira - Exporter Cloud - This issue was raised in ACJIRA-1751. Export as CSV currently produces user names, and importing of CSV data currently understands user names and commits to not breaking the import/export functionality until resolving issues raised in that ticket.
Items In Progress
-
Jira user picker REST API missing account type - The Jira team expects this to be released by March 27, 2019. See ACJIRA-1686.
-
Jira post function /triggered calls missing accountID and account type - This issue was split from the above. The Jira team has is preparing to work on this issue. The estimated fix date is March 27, 2019. See ACJIRA-1722.
-
Jira incoming webhooks missing accountId - Jira is planning to add a separate event that will use accountIds. The estimated fix date for this issue is March 27, 2019. See ACJIRA-1692.
-
JQL transformed to remove legacy user references and replaced with accountID are un-readable - Weâre building a JQL Editor Dialog component that will display the userâs current name in JQL rather than the accountID. This work was expected to ship this week but has been delayed. We do not have a new estimated ship date yet. See ACJIRA-1710.
-
Email address hidden by default - The Email API is being worked on now. We are delayed a bit (we expected the work to be complete this week). The new estimated date for this is March 29, 2019 See ACJIRA-1726
-
Missing avatarURL with opt in header (
x-atlassian-force-account-id:true
) - Avatars should be present with the opt in. Jira is currently investigating this issue. We do not have an estimated fix date yet. See ACJIRA-1732.
Testing Profile Visibility Controls
If you are ready to start testing profile visibility controls, please raise a ticket in our Developer Support Help Desk here . We are not quite ready to set up developer environments but this guide will describe how testing will work and what you can expect once privacy controls are turned on.
Thank you
We realize this is a large amount of work to complete in a short timeframe. We appreciate you working with us through this process to deliver a more trusted experience for our customers.
If weâve missed anything preventing you from completing the migration, please comment below.