Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Violating Content Security Policy when using Forge API

Dmitry Khotinskiy
Dmitry Khotinskiy May 7, 2024

I'm developing a module for Jira using Atlassian Forge and when I try to pull user's data using @Forge/api, I get the following error on Jira Cloud:

Refused to connect to 'https://jira/rest/api/3/myself' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.atlassian.com/metal/ingest".

Here's my code:

const accountInfoURL = route`/rest/api/3/myself`
const accountInfoRes = await api.asApp().requestJira(accountInfoURL, {
  headers: {
    'Accept': 'application/json'
  }
})
Answer
Watch
Like Be the first to like this
1254 views

2 answers

1 accepted

0 votes
Answer accepted
Dave Rosenlund _Trundl_
Dave Rosenlund _Trundl_
Community Champion
May 7, 2024

Welcome to the Atlassian Community, @Dmitry Khotinskiy  👋

Check out this post on the Atlassian Developer Community. It may provide some insight.

And, you may want to consider joining that Atlassian developer-specific community, too.

Best,

-dave

View More Comments
Dmitry Khotinskiy
Dmitry Khotinskiy May 8, 2024

Thank you @Dave Rosenlund _Trundl_, although that post didn't provide resolution to my issue, it led me to the answer. The code that I provided was in the frontend/index.jsx file which should be in resolver/index.js and accessed via @forge/bridge.

Also, thank for pointing me to Atlassian's developer-specific community!

Like • 2 people like this
Huong Thi An
Huong Thi An
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 28, 2024

Hi @Dmitry Khotinskiy ,

Can you tell me how to fix your issue?

Like
Reply
0 votes
David Bakkers
David Bakkers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 7, 2024

Hello @Dmitry Khotinskiy 

You are trying to get data about the currently logged in user, so you need to use the asUser() context method, not the as asApp() method:

await api.asUser().requestJira(route`/rest/api/3/myself`)
View More Comments
Dmitry Khotinskiy
Dmitry Khotinskiy May 8, 2024

Thank you for your response @David Bakkers, but both asUser() and asApp() produce the same issue.

Like • David Bakkers likes this
David Bakkers
David Bakkers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 8, 2024

No problems. As you've already worked out, you can't call internal APIs from the frontend via the bridge.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
atlassian, confluence, loom, atlassian intelligence, ai notes, ai-powered meeting notes, atlassian community events, ace, confluence ai, loom ai integration, ai note-taking, atlassian ai features, team '25, atlassian live learning, confluence automation

Unlock AI-powered meeting notes: Join our live learning session! 📹

Did you catch the news at Team ‘25? With Loom, Confluence, Atlassian Intelligence, & even Jira 👀, you won’t have to worry about taking meeting notes again… unless you want to. Join us to explore the beta & discover a new way to boost meeting productivity.

Register today!
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Champions
Copyright © 2025 Atlassian
Privacy Policy Terms Security
Welcome illustration

Welcome to the new Atlassian Community

Online forums and learning are now in one easy-to-use experience.

By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.