We’ve added documentation about:

• detection of any rotating refresh tokens being reused

• the absolute lifetime, inactivity lifetime, and leeway of rotating refresh tokens

• implications of migrating to rotating refresh tokens and rolling back to persistent refresh tokens

• possible causes of and debugging the 403 Forbidden (invalid_grant) error

The context.contentId property of AP.navigator.getLocation (see Navigator.getLocation) is changing from a number to a string.

This is because Confluence contentIds can be up to 64 bits (a long), which is larger than what can be represented in a JavaScript number (53 bits of integer precision). We recently started seeing very large contentIds for certain customers, above the threshold of what JavaScript can store accurately in a number, so we are switching to using a string so all values can be stored safely.

For full details, see the announcement post: https://community.developer.atlassian.com/t/change-notice-connect-contentid-value-returned-by-ap-navigator-getlocation-value-changing-from-number-to-string/54105

We have added the ability to retrieve user’s time zone to all the REST APIs which retrieve user profile information.

If the user has set up a time zone, it will be retrieved from the user profile, otherwise it will default to the tenant time zone.

user with time zone

"timeZone": "US/Pacific"

user without time zone

"timeZone": "America/Los_Angeles" (default to tenant time zone)

We previously announced the deprecation date of persistent refresh tokens as 30 November 2021.

We’ve updated this deprecation date to be 31 January 2022 instead.

We’ve updated the leeway or reuse detection interval of rotating refresh tokens, from three seconds to 10 minutes.

You can now migrate your Connect app listing and installations to Forge. Navigate to the management view of your Marketplace listing, then select a Forge app with a matching app.connect.key as the new version.

Admins of sites that use your app’s Connect version will be prompted to update to the Forge version (in the “Manage Apps” screen). When they accept, the installation will be replaced by the Forge version.

You can request a staged rollout of the upgrade by raising a Marketplace support ticket listing which sites see the upgrade.

See Migrate an app from Connect to Forge for more information on how to migrate your app (including known issues and limitations with doing so). Then, see Listing a Forge successor to a Connect app for information on how to update your listing with a migrated app.

Display conditions are now available for the Confluence byline item module. Using display conditions, you can control the visibility of your app modules in the UI. See the display conditions reference documentation for more details.

Run npm install -g @forge/cli@latest on the command line to install the latest CLI version with linting for display conditions.

Within the Fabric Editor in preview mode, a dynamic content macro with the plain-text body type will be updated with a new body value.

The change is related to API https://developer.atlassian.com/cloud/confluence/jsapi/confluence/

Learn more about this notice

The appearance of Confluence space settings is changing. Any apps living in space settings will use the new navigation pattern.

Learn more about this notice

We’ve restructured the Modules and UI kit components reference documentation, to make it easier to navigate and consume content.

Group names will no longer be immutable after March 27, 2022

Learn more about this notice

We have removed the use-400-error-response parameter from the Add labels to content endpoint. Given the previous removal of the 500 status response, this parameter is now redundant and unused.

Learn more about this notice

We have removed the 500 status response from the Add labels to content endpoint. The deprecation period for this response has passed.

Learn more about this notice

We have added two new fields to the page_copied webhook payload: origin and destination, which contain data for the the original page and newly-created page, respectively.

Learn more about this notice

From 4th August 2021, persistent refresh tokens are deprecated. All new OAuth 2.0 integrations use rotating refresh tokens.

During the deprecation window, you’ll be able to switch between both refresh token behaviors in the developer console.

From 31st January 2022, all OAuth 2.0 integrations must use rotating refresh tokens and the refresh token options in the developer console are removed.

Learn more about this change and chat with us on the developer community post.