Why is there no JWT Context in custom Macro Editor iframes?

Hi there,

I just wanted to implement a feature that has something to do with checking permissions. For this, the JWT context is usually very handy as it contains things like the content ID, the space key and the space ID. Since it is signed, I also know that I don’t have to perform an extra roundtrip to check whether the user actually has permission to access the page or space in question.

Now, when working on my feature I realized that the JWT context (as well as AP.context.getContext) seems to be empty within custom Macro Editor iframes. The only way I found right now to even get the space key via JS in a custom Macro Editor was AP.navigator.getLocation. So, I can at least put it inside my request manually. But this means I have to perform an extra roundtrip from my backend to check whether the user actually has the right permissions.

Is there any reason for the JWT context missing in custom Macro Editors, or am I just doing something wrong?

Cheers,
Sven

P.S.: Maybe I should mention that for the feature in question I cannot use URL parameters defined in the descriptor.

2 Likes

Hi @sven.schatter ,

We introduced AP.context as part of the cacheable app iframes enhancement to Connect. We went through as many modules as we could to implement this API, but relied on Jira and Confluence Ecosystem teams to implement the API for some modules. Subsequently I raised CONFCLOUD-70815: AP.content.getContext() returns an empty object in dynamic content macro editors to request this support.

Regards,
Dugald

1 Like

Thank you so much, Dugald!

1 Like