Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,363,572
Community Members
 
Community Events
168
Community Groups

rest api: access to new page (unpublished, never published) forbidden 403

Edited

Hello, I want to work with attachments - via REST API - at new confluence page. (Never published.)

URL of such page:

https://jankalendovskymorosystems.atlassian.net/wiki/spaces/EASYMINDCL/pages/edit-v2/109215748?draftShareId=c4650c6d-8cc9-4d45-bb92-114987f26614

Result - http 403 - forbidden. (Or 404 not found.)

I tried:

POST /rest/api/content/109215748/child/attachment?status=draft ... 403 forbidden
POST /rest/api/content/109215748/child/attachment ... 404 not found
GET /rest/api/content/109215748?status=draft ... 403 forbidden
GET /rest/api/content/109215748 ... 404 not found
GET /rest/api/content/109215748/child/attachment?filename=xxx ... 403 forbidden
GET /rest/api/content/109215748/child/attachment?filename=xxx&status=draft ... 403 forbidden

 

We call confluence REST API from addon running in Tomcat - signing via JWT.

"scopes": ["read", "write", "delete"]

Also tried with

"scopes": ["admin"]

The same calls on published page works fine:

GET /rest/api/content/65538/child/attachment?filename=xxx ... OK http 200
GET /rest/api/content/65538/child/attachment?filename=xxx&status=draft ... OK http 200

Both pages (unpublished and published) where created by myself via "+" (blueprint dialog) as empty. (I filled a caption and put a simple sentence.)

More over, after I have published the page 109215748, the same REST APIs started to work.

-----

Usecase:

We are developing plugin Xyz for cloud. (There is already working Xyz for server Confluence.)

The plugin lets users to save data. Data is saved as confluence attachment.

The plugin also lets users to save data at new - never published page.

The plugin Xyz for server-confluence works fine - saving attachment at unpublished page works.
I would like the plugin Xyz for cloud to work fine as well.

-----

Can you help me?

1 answer

1 accepted

1 vote
Answer accepted

For anyone still struggling with this: we managed to retrieve an unpublished page (Draft) by making a user impersonated call (https://developer.atlassian.com/cloud/confluence/user-impersonation-for-connect-apps/) instead of JWT. Also manipulating with attachments works fine with user impersonation as soon as you append `status=draft` to the url.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events