How can I validate the Atlassian Connect /installed callback?

Jeff Kandel
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 28, 2020

I am building an Atlassian Connect app with Rails.  The app will be private but not internal only during its initial launch. 

 

How can I securely associate the security context in the /installed event with the access token I provide them? 

 

Aside from the securityEntitlement number, which "will only be included during installation of a paid app", there does not seem to be any way to provide the Jira user with a private token I can verify directly from the /installed hook.  My current notion is to temporarily cache the security context and add some app enablement user flow to the Jira UI that includes sending along a secret generated by my app. Does anyone have other suggestions?

1 answer

1 accepted

0 votes
Answer accepted
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 3, 2020

Hello @Jeff Kandel ,

Please notice that this is not the best place to get help on development related questions.

You can try to review below links (if you haven't done already) to see if you find anything useful in there:

 

For the rest, you have much higher chances to get help on development related question using the links you can find in https://developer.atlassian.com/resources. Specifically:

 

 

Cheers,
Dario

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events