So we are trying to update a Confluence Connect app on the marketplace and add the ACT_AS_USER scope. The problem is that the following error occurs when deploying the change and making REST API calls as user:
The oauth client ID in the issuer string was the literal "undefined".
This is probably because your add-on does not have the `ACT_AS_USER` scope (or didn\'t have it at the time it was installed).
Please add `ACT_AS_USER` to the `scopes` section of your descriptor, and reinstall the add-on.
So basically all customers which have installed our app need to manually uninstall and reinstall our app, am I right? And we would have to inform all our customers to do that. Is there an alternative approach that I’m missing?
It would be ideal if Atlassian would detect such scope changes and reinstall the app automatically (after admin accepts the scope changes). We are making use of multiple staging and testing environments before deploying to production, and we also use end-to-end tests to ensure the app’s functionality. However, this problem was only caught in production as the app is reinstalled on the test instances during CI. So we had to revert the release to prevent breaking all app installations without the customers knowing how they could fix the problem.
I would release a new version that just declares the “Act as user” scope without actually using it. The Confluence admins should then get a notification of some sort that there is a new version that they need to approve because of the scope change.
Then wait around two weeks and release a new version that actually uses the “Act as user” functionality.
2 Likes
Hi @ThomasZahner ,
Welcome to the Atlassian Developer Community.
Since customers must review and approve the new version of the app, there is no way to guarantee when the upgrade will occur for any given workspace/tenant. You will therefore need to design you new functionality so that it fails gracefully. For example, detect the error and report it to a user.
You can read more about major version upgrades at https://developer.atlassian.com/platform/marketplace/upgrading-and-versioning-cloud-apps/#changes-that-require-manual-customer-approval.
Dugald
1 Like
Thank you for your answers. I realised only now that changes to the atlassian-connect.json are applied to app installations within the next few hours automatically.
As this update includes scope changes manual confirmation/updating is required so making an update with just the scope changes before the actual update is a very practical solution. Thanks @t-bundt we will use that approach. An alternative would be to provide new API endpoints for breaking changes to stay backwards compatible, but in our case this is not as practical.