Why does Forge user impersonation keep returning PROXY_SERVER_FAILURE?

Forge Forge Rookies
, , ,
1

I am trying to setup a simple function in my Forge app to comment on behalf of users (impersonate user). The app can comment as me when given my ID however when I try with another user we keep getting PROXY_ERR: Forge platform failed to process runtime HTTP request - 500 - PROXY_SERVER_FAILURE?

Since it’s working for me and the other user can manually comment on our test ticket I don’t believe it’s a permissions or scope issue. But maybe I’m wrong?

permissions:
  scopes:
    read:jira-user: 
      allowImpersonation: true
    read:jira-work:
      allowImpersonation: true
    write:jira-work:
      allowImpersonation: true

This is where I attempt in my function to comment as the user and get an error:

    const response = await api.asUser(userAccountId).requestJira(
      route`/rest/api/3/issue/${issueKey}/comment`,
      {
        method: 'POST',
        headers: {
          'Accept': 'application/json',
          'Content-Type': 'application/json'
        },
        body: JSON.stringify(commentBody)
      }
    );

I’ve triple checked and the accountID being passed is correct. Does anyone know why this proxy error keeps happening?

2

Hi @NathanHutchins

Something it could be is if the app isn’t published yet and the user doesn’t have access to the app (that is, the user isn’t an app contributor). That would explain why it’s working for you but not for any other account ID. See this page for the full list of restrictions.

I can look into this further for you if it’s not that. Could you please provide me with a trace ID or your app ID? Feel free to send them as a direct message or a reply here.

Thanks :smile:

3 Likes
3

Ohhh that was it! Adding the other user as an app contributor worked. We can now comment as either user. That makes sense now. Thanks!

So once the app is published anyone with access to the app in the instance would then be able to use this impersonation?

4

Glad to know it’s working :smile:

That’s correct, once it’s been published to the marketplace, or shared via. direct distribution, the app should be able to impersonate any user in the instance, subject to the rest of the constraints listed on that page (i.e. it can’t impersonate another app’s user or a deactivated user)