Why does customer keep getting error: Add-on 'myapp' disallowed to impersonate the user because 'no valid active user exists

This is something I have encountered only recently, after I released a post function. In the post function, new issues are created and during the process, the current user details are fetched to fill some variables. The error is generated in response to:
/rest/api/2/myself
executed from ACE using impersonation api (passing accountId extracted from JWT token)
Of course, the app has the ACT_AS_USER scope. I am observing it for one customer only.
I wonder how it is possible. The user is obviously active, because someone is constantly triggering the post function. I also checked whose accountId I should get when a post function is called and it should be the user responsible for triggering the action.
So my question is, what’s going on? How is it possible that impersonation doesn’t work for that particular customer? :thinking:

2 Likes

Hi Maciej,

Can I ask what the trigger is for the Post function?

Cheers,
Melissa

I’m having a similar issue.
I changed a function to make the request as user and it works fine in most cases. It’s not working when called from my issue_updated webhook, if the webhook is triggered when a user makes an issue change then it works, but when the webhook is triggered by an app user, then if I use the app user account id to make the request as user it fails with the disallowed to impersonate message.

Hi, I had to add logs to find out the details. It still happens, transitionName: Create, transitionId: 1.
Strange, other customers are using the same trigger and it works fine for them.

Hi Community,
was there any clue to a solution or a reason to this? We are seeing
403 Forbidden: "{"error": "Add-on 'foo-app' disallowed to impersonate the user because 'no valid active user exists'"}"
errors as well in our logs.
Thanks

Got it also.
App doesn’t work anymore.