Last updated Sep 15, 2021

Rate this page:

Changelog

This page includes release notes and updates for Confluence Cloud app developers. Use this page to keep track of upcoming changes, deprecation notices, new features, and feature updates from Confluence Cloud.

Forge changelog

For updates about changes to the Forge platform, see the Forge changelog in the Forge documentation.

You can also ask questions and learn from other Confluence Cloud developers on the Atlassian Developer Community.

15 September 2021

removed Removal of use-400-error-response parameter from Add labels to content endpoint

We have removed the use-400-error-response parameter from the Add labels to content endpoint. Given the previous removal of the 500 status response, this parameter is now redundant and unused.

Learn more about this notice

7 September 2021

added New fields added to page_copied webhook payload

We have added two new fields to the page_copied webhook payload: origin and destination, which contain data for the the original page and newly-created page, respectively.

Learn more about this notice

removed Removal of 500 status response from Add labels to content endpoint

We have removed the 500 status response from the Add labels to content endpoint. The deprecation period for this response has passed.

Learn more about this notice

4 August 2021

notice - Deprecation Deprecation of persistent refresh tokens for OAuth 2.0 integrations

From 4th August 2021, persistent refresh tokens are deprecated. All new OAuth 2.0 integrations use rotating refresh tokens.

During the deprecation window, you’ll be able to switch between both refresh token behaviors in the developer console.

From 1st November 2021, all OAuth 2.0 integrations must use rotating refresh tokens and the refresh token options in the developer console are removed.

Learn more about this change and chat with us on the developer community post.

29 July 2021

added New Download attachment REST API endpoint

We have added a new endpoint for downloading a content attachment.

Learn more about this notice

26 July 2021

updated Added ability to look up groups by access type

The Get Groups API now supports a new query parameter accessType that must be set to “user”, “admin”, or “site-admin”. When set, the API will return groups with that level of access to Confluence.

See more details here

20 July 2021

notice - change Change to content conversion API

The Content conversion API, when called by an app, will no longer include context JWTs for macro rendering for macros from other apps.

24 June 2021

notice - change New permission API

We’ve added new permission API to grant or restrict custom content type permissions access for individual users and/or groups.

Learn more about these changes

21 June 2021

notice - change Change to Copy Page Hierarchy API exception handling

Copy Page Hierarchy API will now fail if an exception is thrown during execution of the long running task. This exception will be reported to the messages field of the corresponding long running task, and can be accessed using the Long Running Tasks API.

This change will release to the Confluence Ecosystem Beta Group on June 7th, 2021, and start rolling out in increments to production during June 21st-29nd, 2021.

Learn more about this notice

18 June 2021

notice - change Connect app lifecycle events security improvements

The first install callback sent by Atlassian to your Connect app is not signed. This could present a security risk. This change ensures that all install and uninstall callbacks are signed so you can verify that a request is genuine. This is a breaking change. Affected apps must be updated by 20 Aug 2021.

See the developer community post Action Required - Atlassian Connect installation lifecycle security improvements for more details.

7 June 2021

notice - change Bug fix for Copy Singe Page API

Previously, after copying properties to an existing page, source page properties were simply appended to the destination page properties. This was a bug that is now fixed. The current, correct behavior is that after copying, source page properties replace the properties of the destination page.

Learn more about this notice

4 May 2021

notice - deprecation Deprecation of PUT /wiki/rest/api/settings/lookandfeel/selected

We are deprecating the Set look and feel settings endpoint in favor of a new, more robust and better documented endpoint.

added Added new endpoint on PUT /wiki/rest/api/settings/lookandfeel

We have added a new Select look and feel settings endpoint to replace the Set look and feel settings endpoint, which we are deprecating. This new endpoint will perform mostly the same function, but with a better interface and clearer documentation.

Learn more about this notice

16 April 2021

Notice - Deprecation Deprecation of context JWTs without QSH

A breaking API change will be made to Atlassian Connect in Jira and Confluence Cloud to mitigate a vulnerability in the verification of the qsh claim in Connect JWT authentication. The change affects apps that specify an authentication descriptor setting of jwt.

See more at https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072

added Added depth functionality to GET /wiki/rest/api/content/{id}/descendant/{type}

We are adding support for an optional depth parameter to fetch descendant:

subpages of a page e.g. GET https:///wiki/rest/api/content//descendant/page?depth=5 end of page comments on a page e.g. GET https:///wiki/rest/api/content//descendant/comment?depth=15 end of blog comments on a blog post e.g. GET https:///wiki/rest/api/content//descendant/comment?depth=2

up to a desired depth.

Learn more about this notice

16 March 2021

updated Limiting Connect Blueprint Descriptions up to 100 Characters

We are limiting blueprint descriptions to 100 characters to safely display the entire text for template cards.

Learn more about this notice

12 March 2021

updated Updated Long Task Status API endpoint response structure

The LongTaskStatus object that is returned as part of the responses for the GET /wiki/rest/api/longtask and GET /wiki/rest/api/longtask/{id} endpoints is being updated. Three new fields are being added: status, errors, and additionalDetails.

These fields are populated using the first Message object in the Array<Message> messages. This object holds details about the task that is stored as a string in JSON format. Previously, this information needed to be parsed by the developer. With this change, the new fields should make it easier to access this information.

Learn more about this notice

1 March 2021

updated Prevent Connect apps with macro alias conflicts from installing

We have implemented preventative measures to only allow one app with unique macro alias to be installed at a time. Any following apps with a conflicting macro alias will not be able to be installed, thus avoiding this issue completely.

Learn more about this notice

1 March 2021

added Added groupId to audit logs

Groups in audit logs will now display groupId next to groupname.

Learn more about this notice

17 February 2021

notice - change Changes to Add Labels to Content API error response

The error response returned on invalid labels for the Add labels to content API has a new status code 400 (previously 500) and an updated response body.

Learn more about this notice for more information.

11 February 2021

updated A new macro experience is coming to Confluence Cloud

We will be rolling out a new browsing and configuration experience for macros in Confluence Cloud. See the Developer Community post for more information and proposed rollout timeline.

Learn more

8 February 2021

notice - change Changes to Content API’s max number of sub-expansions in the expand query parameter

We will be limiting the number of sub-expansions allowed in the expand query parameter of the Get Content by ID API (/wiki/rest/api/content/) to a maximum of eight (8) sub-expansions.

Learn more about this notice.

29 January 2021

The new Creating a form tutorial teaches you how to build a simple form on a Confluence page, storing responses in content properties.

25 January 2021

Added INITIALIZING_TASK status message for initiating Copy Page Hierarchy and Long Task APIs

A new status INITIALIZING_TASK has been added to tasks when initiating Copy Page Hierarchy API. This is to prevent null values in the message field if a task is completed prior to a status being saved.

See the community post Added status message for initiating Copy Page Hierarchy and Long Task APIs for more information.

11 November 2020

updated Changes to Connect sub extension initialization

The Connect JavaScript API supports the ability to nest iframes using the sub extension. While no functional change is happening, we are making an implementation change to how sub iframes are initialized which will make the feature more secure.

See full change notice

29 September 2020

notice - deprecation Updates to Group REST APIs and Group Webhook Events

Confluence cloud is moving away from groupName towards groupId as the identifier for Groups. Two main changes may affect you.

  1. REST API - We will be exposing REST endpoints that will use groupId instead of groupName in the next two months. Once the new groupId APIs are available on Nov 16, 2020, we will start a 6 month deprecation for the APIs that use groupName. After this 6 month period, groupName will still be available but will no longer be immutable, so you will not be able to store it and rely on it being a stable identifier.
  2. Webhook Events - We will also be adding a new field groupId to the webhook events group_removed and group_created.

Learn more about this notice

29 September 2020

updated Upcoming UI update to the page overflow menu in Confluence Cloud

As part of our continuous effort to simplify the user experience, we are making some UI updates to how the page overflow menu is organized in Confluence Cloud. For apps that use any of the following extension points…

  • webItems
    • system.content.action/primary
    • system.content.action/secondary
    • system.content.action/modify
    • system.content.action/marker
  • webSections
    • system.content.action

…this update would mean:

Before : apps are located in a Confluence predefined section or app-defined custom section in the menu. After : apps and other integrations will be grouped into their own dedicated section in the menu.

Learn more about these changes

9 September 2020

added Added new tutorial on how to make REST API calls

The new Using the REST API tutorial shows how to call the REST API in three places:

  • command line using cURL
  • Connect route handler
  • Connect view

The example performs a simple CQL search and displays parts of the returned data.

28 July 2020

notice - deprecation Deprecating 2 old Group APIs

Starting January 28, 2021, the following APIs will no longer function:

added Added 6 new Group APIs

See full change notice for details.

20 July 2020

updated Changes in anonymous access to Convert Content Body API

Convert Content Body API is now allowlisted for anonymous access. However, if anonymous access is not explicitly enabled for a tenant, use of the following query parameters will result in HTTP 403 (Forbidden):

  • spaceKeyContext
  • contentIdContext

7 July 2020

notice - change OAuth 2.0 endpoint for auth.atlassian.io URL is changing

The Atlassian OAuth 2.0 authorization service that is currently available at auth.atlassian.io is moving to a different URL, oauth-2-authorization-server.services.atlassian.com. Atlassian is consolidating all of our public services under this naming scheme. The old URL will be retired as of January 1, 2021. See the OAuth 2.0 endpoint deprecation notice for more information.

22 May 2020

The Theme API was built for a UI that Confluence has recently moved away from, and doesn't support the new UI. Based on Theme API usage to date, we are evaluating whether Theme API will support the new UI.

4 May 2020

added The new layout manager is coming to Confluence

Page-layout is a technical update to the new Confluence navigation for further performance optimization. It’s a whole new way to lay out top navigation, side navigation, and page content on a page, user generated or system rendered.

Learn more about roll out

17 Apr 2020

updated New changelog format

We've updated our changelog to be more consistent and easier to keep track of. All of the information from our old changelog, formerly called Latest Updates, is included in this page, but now everything is organized by date and announcement type.

8 Apr 2020

notice Users that use Sign in with Apple may choose to not share their email address

Marketplace apps that have access to the customer’s private Apple email, can only use the email as an identifier, not to communicate with.

Learn more

6 Apr 2020

notice - change Enhanced Validation of OAuthClientIds

Atlassian Connect is enhancing the security of impersonation token requests to ensure older OAuthClientId are no longer accepted. We plan to roll out this change in a progressive manner:

  • May 12: Changes will be released to the Jira and Confluence Cloud Vendor First program.
  • June 16: Changes will be progressively rolled out to all remaining Jira and Confluence tenants on an app by app basis. Over a two week period, we’ll increase the percentage of apps receiving the change nominally from 5% to 50% to 100%. These dates and rollout percentages may change depending on whether issues are encountered by customers.

See full change notice for details.

1 Apr 2020

added Added new tutorial on how to create a macro app

Creating a dynamic macro (formerly "Rise of the macros") has been rewritten to be simpler and more useful.

updated Renamed developer tutorials

All of the tutorials have been renamed so that you can tell at a glance what each one teaches.

27 Mar 2020

added Added Move and Copy Page APIs

  • Move page - PUT /wiki/rest/api/content/{id}/move/{position}/{targetId}
  • Copy page - POST /wiki/rest/api/content/{id}/copy

We added the ability for you to move and copy your Confluence pages from the comfort of your REST calls. Find out more about these endpoints in this Dev Chat.

20 Mar 2020

notice - change Adding sandboxing to Connect app iframes April 1

Urgent: See full change details and allowlist in our developer community update.

This change has already been rolled out to sites in the Jira 10 and Confluence 7 Ecosystem Beta Groups for testing and will be rolled out to the general public beginning Wednesday 1st April (changed from Wednesday 25th March).

Join the early release rollout program

You can participate in early release rollouts of new product improvements and features on your designated cloud testing or development instances. These rollouts are for production changes, not experimental features. By participating in this program, your designated test/dev instances will be an early release cohort. Sign up your developer instance.

3 Mar 2020

notice - deprecation Removal of some Connect App install payload fields

Starting September 2020, we will remove the following legacy fields from the Connect app install payload because they are no longer relevant:

  • pluginsVersion
  • serverVersion

See the full deprecation notice for details.

3 Feb 2020

notice - change Upcoming changes to modernize search REST APIs

On July 24, 2020, Confluence will update how we return paginated results for our REST APIs from an index-based system to a cursor-based system. See full notice on changes.

16 Dec 2019

updated Security documentation updates

We've made some changes to the Security section of our documentation so that it is easier to use:

  • Consolidated the Security pages into one section
  • Moved all the overview content to one place
  • Made it easier to see the information about frameworks
  • Put all the JWT instructions together
  • Clarified the choices about security approaches

Don't worry: no information has been removed, and redirects have been put in place so that your bookmarks will still get you to the information you are looking for.

7 Jul 2019

notice - deprecation Search API changes for GDPR and deprecation notice

As a part of larger GDPR changes, we are making some changes to our /wiki/rest/api/search API. Starting 20 Jan 2020, we will no longer support user search through /wiki/rest/api/search.

With these changes, we have also introduced a new API for user search (/wiki/rest/api/search/user) that you can start using today. See full details of changes.

30 Sep 2018

notice - deprecation

By 29 April 2019, we will remove personal data from the API that is used to identify users, such as username and userKey, and instead use the Atlassian account ID (accountId). Additionally, we plan to restrict the visibility of other personal data, such as email, in conjunction with a user's profile privacy settings.

See full details and tips on how to update your setup in this deprecation notice and migration guide.

10 Jul 2018

notice - deprecation Deprecating basic authentication with passwords

Basic auth with passwords is being deprecated in Confluence. From June 3rd, 2019, we will be progressively disabling the usage of this authentication method. See the full deprecation notice here: Deprecation notice - Basic authentication with passwords.

5 Jun 2018

The following are major changes related to GDPR.

added Introduction of Atlassian account ID

notice - change Changes to Confluence user objects and APIs that accept user information

  • Removal of username values from various Confluence API resources
  • Updates to CQL fields that accept username, userkey or email as input
  • Updates to Confluence APIs which accept user name or key as input
  • Confluence REST APIs changing in response to GDPR

Rate this page: