You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I'm new to getting data with ConfiForms via REST API from a webservice. For testing, I have created a page that uses an IFTTT macro and the action WebService Request. I know what to configure for the Service URL and Method parameters but I stumble at WebService connection:
Because of the URL "/admin/vertuna/confiforms/config.action" that is displayed if I move the mouse cursor over the Manage connections button, I have the impression that only system administrators can setup a WebService connection.
Is that true?
By system administrator, I actually meant Confluence administrator. Thank you for using the more accurate term.
But why can only a Confluence administrator configure a WS connection? This makes the use of REST APIs inflexible, as I have to ask my admin colleagues for support every time. Also, the list is likely to grow as more ConfiForms developers use different WebServices.
I suspect this is for security reasons, to separate and hide the credentials from the ConfiForms code.
This is by design and allows your responsible personnel to be aware o the connections to external systems the Confluence has and may do.
This can be changed in the ConfiForms settings - either lowering the security and allowing non admin users to configure connections (allowUserConnections) or increasing the follow whitelists and so on (whitelistEnforcement)
When enabled, the UI to configure web-service connections will appear in user profile settings.
one last question to whiteListEnforcement you have suggested above. The meaning of this setting in respect to Web Service connections is not clear to me.
To check the function of the allowUserConnections or whitelistEnforcement settings, I organized a Confluence DC test instance where I have access to the admin settings
Could you please explain the meaning of whiteListEnforcement in respect to Web Service connections a bit more?
Thanks + best regards
This is what whiteListEnforcement is all about
And ConfiForms follows these rules and will allow connections only to these servers (you will still need to define a connection in ConfiForms, but only the ones that match the rules in the whitelisting will be work)
thanks for your explanation. However, as I described above in the second bullet point under whitelistEnforcement, it doesn't work as expected.
At least not in my test environment. (BTW: The term whitelist has been changed to allowlist in the Confluence user interface. Reference)
My test environment:
Am I doing anything wrong or could it be a bug?
<ac:structured-macro ac:macro-id="c357d447-51a8-4586-99f6-bc0a0ccd1d65" ac:name="confiform-ifttt" ac:schema-version="1">
<ac:parameter ac:name="action">WebService Request</ac:parameter>
You are right, it seems that the service that allows us to check that was not properly working in the plugin anymore (not being properly looked up - seems that something has silently changed on the Confluence side)
We have fixed that in the upcoming 3.4.0 version of ConfiForms
I have updated ConfiForms to version 3.4.0 in my test environment and can confirm that the behaviour of the whitelistEnforcement setting is now as expected:
Thanks for providing a fix so quickly. 🤩