REST API issues

Robert - I'm not sure if an addon is what I am trying to build necessarily. Is it considered an addon if it's a standalone app hosted elsewhere simply interacting with JIRA data?

No, you have to specifically opt in to being an Add-on by providing an Atlassian Connect descriptor.

If that is what you are doing then the jquery request is not going to work because of the Cross Origin problem that I mentioned above. JIRA Cloud does not support CORS: https://jira.atlassian.com/browse/JRA-30371

You should use a server-server call instead of doing it inside the clients web browser.

@Robert Massaioli is right, unfortunately CORS is not supported. How would you do a server-server call? Is a proxy needed for this?

@Marie Ritter, you just have to add a properly signed JWT token to the request from your addon to the Atlassian Product (https://developer.atlassian.com/static/connect/docs/latest/concepts/understanding-jwt.html). The Atlassian Connect Spring Boot and the atlassian-connect-express frameworks both do this for you. You can see here a list of frameworks that have implemented this flow.

@Robert Massaioli I know but what if I want to use the REST API of an external server?

If the external server is controlled by you then you have two options:

• Implement CORS on the REST API and call it directly using jQuery ajax in the web browser.
• Proxy a call through your addon server to the external server and make the call that way.

If the external server is NOT controlled by you then you should read their third party documentation and work out which integration mechanisms are avaliable to you. Cheers.

@Robert Massaioli I'm trying to proxy my call through the addon server with the following code in my hbs file

AP.require(['request'], function(request) {
    request({
        url: '/getdirectory',
        type: 'GET',
        success: function(data) {
            console.log("GET success");
            console.log(data);
        }, error: function(data) {
            console.log("GET error");
            console.log(data);
        }
    });
});

and this route in the index.js:

app.get('/getdirectory', addon.authenticate(), function(req,resorg){
    var httpClient = addon.httpClient(req);

    var url = // external REST API

    console.log("TEST DIRECTORY!");

    httpClient.post({ url: url, headers: { 'Cookie': 'JSESSIONID=' + jsessionid, additional_header : token}}, function(err1, res1, body1) {
        console.log(body1);
        resorg.setHeader('Content-Type', 'application/json');
        resorg.send(JSON.stringify(body1));
    });
});

I get a "403 Forbidden" response in my Javascript console (described this as well in my comment on https://answers.atlassian.com/questions/39787106). What am I doing wrong? I'm just trying to pass json data to the client.

If you want to talk to JIRA or Confluence then use AP.request.

If you want to talk to your Addon then just use regular jQuery.ajax. (Or whatever JS AJAX library you prefer)

AP.request is only designed for use from your add-on iframe to the Atlassian products; not your add-on.

Also, in the future, please ask a new question. Please don't tack questions onto the answers of other peoples questions.

@Robert Massaioli Thanks and sorry for my behavior.

@Marie Ritter, the only reason that I wanted to encourage you to raise a new question is because I could have easily missed this one. By asking a new question, and tagging it with 'atlassian-connect', you have an excellently high chance of getting help with your Atlassian Connect questions. Cheers and I hope you're having a good time developing your add-on!