I am building an Atlassian Connect app with Rails. The app will be private but not internal only during its initial launch.
How can I securely associate the security context in the /installed event with the access token I provide them?
Aside from the securityEntitlement number, which "will only be included during installation of a paid app", there does not seem to be any way to provide the Jira user with a private token I can verify directly from the /installed hook. My current notion is to temporarily cache the security context and add some app enablement user flow to the Jira UI that includes sending along a secret generated by my app. Does anyone have other suggestions?
Hello @Jeff Kandel ,
Please notice that this is not the best place to get help on development related questions.
You can try to review below links (if you haven't done already) to see if you find anything useful in there:
For the rest, you have much higher chances to get help on development related question using the links you can find in https://developer.atlassian.com/resources. Specifically: