Rate this page:
This page includes release notes and updates for Confluence Cloud app developers. Use this page to keep track of upcoming changes, deprecation notices, new features, and feature updates from Confluence Cloud.
For updates about changes to the Forge platform, see the Forge changelog in the Forge documentation.
You can also ask questions and learn from other Confluence Cloud developers on the Atlassian Developer Community.
Today, we are happy to announce the launch of the Early Access Program (EAP) of data residency realm migration for Connect apps. This EAP release includes a new realm migration service and associated APIs, which will enable you to start integration and testing to support migration of app data to match the parent product realm.
You can now use the following endpoints in version 2 Confluence REST API:
Learn more by exploring https://developer.atlassian.com/cloud/confluence/rest/v2/intro/.
These granular endpoints allow you to be more specific when interacting with Confluence data.
Content is broken down into specific types. You can work with pages, blog posts, and more, as discrete entities.
When retrieving bulk content, these granular endpoints also offer faster speeds (up to 30x). Our new cursor-based pagination allows quick iteration through content, instead of offset-based pagination.
This release includes support for Connect, OAuth 2.0 (3LO), and Forge apps.
Several months ago, we announced new security requirements for cloud apps, which take effect today (October 31). As of today, all Marketplace apps and Trello Apps (Power-Ups) are expected to meet the new requirements.
Maintaining a secure Marketplace is a collective effort, shared by Atlassian and partners. The new requirements reflect the most current best practices for building secure apps and provide platform-specific guidance. They set Atlassian’s baseline standard for cloud app security, and will be updated annually to ensure alignment with industry standards.
The new requirements apply across five categories: Authentication & Authorization, Data Protection, Application Security, Privacy, and Vulnerability Management. They benefit both developers and customers by providing guidelines for building secure apps and elevating the trust posture of our cloud ecosystem.
Read the blog to find out more about the changes that take effect today, and how we will validate that apps are following security requirements moving forward.
All app base URLs that receive customer traffic will be monitored.
A single healthcheck path will be used for all app base URLs.
Only the HTTP status code 200 will be accepted.
A response must be returned within 3 seconds.
HTTP redirections will not be followed.
App base URLs
App healthcheck requests will be made to each distinct base URL that receives customer traffic, including the latest version of the app, the last patch version for each minor version with installations, and all regions for app versions that support data residency. The 99.9% 28-day target SLO will be applied to each app base URL individually.
App healthcheck path
App healthcheck URLs will be determined by applying a healthcheck path provided by the Marketplace Partner to each of the applicable app base URLs. Initially, the healthcheck path provided via the Cloud Fortified app approval request will be used. If you would like to change your healthcheck path, please submit a request here. We are also exploring making self-serve modification of the healthcheck path available later.
When a user installs your Forge app via installation link, we now display a link to your app settings page on the installation success popup:
The link will only show to users if you have an app settings page for your app. If you don’t have an app settings page, you can add one by including either the Jira admin page or Confluence global settings module in your app’s
The installation success notification can currently only display one link to a single app configuration page. If the
confluence:globalSettings or the
jira:adminPage have both
useAsGetStarted pages specified, then only the link to the
useAsConfig page will be displayed.
The link to an app’s configuration page will only be displayed if the direct distribution link is generated for a single product. For example, the link to the configuration page will not be displayed if an app is installed on both Jira and Confluence, but it will be displayed if the app is installed on only Confluence.
This feature isn't available for Compass apps.