Rate this page:
This page includes release notes and updates for Confluence Cloud app developers. Use this page to keep track of upcoming changes, deprecation notices, new features, and feature updates from Confluence Cloud.
For updates about changes to the Forge platform, see the Forge changelog in the Forge documentation.
You can also ask questions and learn from other Confluence Cloud developers on the Atlassian Developer Community.
We’ve added the route parameter for the confluence:spaceSettings module. The parameter is used in the URL to access the app directly. It must be unique across all space settings modules within a Forge app.
See the Confluence space settings reference documentation for more details.
On 22 February, we announced the availability of new scopes for Forge and OAuth 2.0 (3LO) apps. Following concerns raised by our developer community, we have now paused the deprecation of classic scopes and removed the requirement to transition your app to new scopes by 23 August 2022.
There is no action for you to take regarding your app scopes at this stage. Apps using either classic or new scopes can continue to do so. For those that haven’t adopted new scopes yet, please continue using classic scopes – we’ll let you know when you can start transitioning.
FAQ
Q1: I have already updated my app with new scopes. Will it stop working now?
A1: Your app will continue to work with new scopes. There is no need for you to make any further changes.
Q2: Am I going to need to roll back to the classic scopes?
A2: You do not need to roll back to classic scopes.
Q3: Does this mean the new scopes are not be reliable?
A3: Using new scopes is in no way less reliable than classic scopes. Both new and classic scopes are equally as reliable to use for your app.
Q4: Will I have to update to another, newer set of scopes?
A4: We have now started a review process of the new scopes and intend to run extensive usability studies with our partners. Once we have more clarity on the best solution, we will update you via the changelog and developer community.
An improvement will be made in the coming days to allow customers (site admins) to turn off (or back on) end-user installation capabilities for OAuth 2.0 (3LO) apps. If you are a developer of OAuth 2.0 (3LO) apps, you do not need to take any action as a result of this change, as this message is only to communicate the impact to the customer.
Previously, controls were not in place for an admin to block their users from installing 3LO apps. Adding the ability for an admin to prohibit users from installing 3LO apps now aligns more closely to how a user would install any other, non-3LO apps on the Marketplace. This functionality was requested by several Atlassian enterprise customers to gain increased control over where their data is shared and which apps have access to their instance. By allowing admins to control end-user app installs, we are making it possible for more enterprise customers to move to cloud. Once in cloud, these companies will not be blocked from installing 3LO apps, because admins will retain the ability to vet and install the apps at their discretion.
Figure (a) below demonstrates the section of the customer’s admin console where they will now be able to block their users from installing 3LO apps. Figure (b) below shows the new experience when a customer tries to install a 3LO app after their admin has disabled this function.
If a customer attempts to install a 3LO app after their admin has disabled this function, the following error message will appear:
App is blocked by an admin
An admin has not allowed [App Name] to access data from [Your Atlassian Instance] . Select another site to authorize access to or contact your admin for more information.
(a)
(b)
We’ve added the Delete page tree operation to the Confluence REST API. This operation moves a page and all its descendent pages to trash. This simplifies deleting a page tree, as previously each item in the tree had to be deleted separately.
All Connect app installs and upgrades will receive a new install payload with a new secret.
installed lifecycle eventYour app may receive installed callbacks in different circumstances. When this occurs, handle the clientKey and/or sharedSecret accordingly:
App installation - A new sharedSecret is created for each installation. When callback is successful, an enabled lifecycle callback event will be sent.
App upgrade - A new sharedSecret is created for every app upgrade. When callback is successful, an enabled lifecycle callback event will be sent.
Secret rotation - A new sharedSecret is created, installed app version does not change for the site.
Site rename - App receives an installed lifecycle callback with a new baseUrl (Atlassian site)
App install following Site Import - New clientKey and sharedSecret are created and shared. If there's an existing installation record for a site (Atlassian product's baseUrl) under a different clientKey, your app should associate the site with the new clientKey and the sharedSecret.
For more information, please see:
We've introduced Confluence display conditions support for the following Forge modules:
confluence:contextMenu
confluence:contentAction
confluence:globalPage
confluence:globalSettings
confluence:spaceSettings
To better handle user time zone, we’ve:
Updated the timeZone field description for the user entity, to say that the time zone field will be null if the user has not set up a time zone, or is restricted in profile visibility settings
Added a new field defaultTimeZone to response entity (SystemInfoEntity) in the systemInfo API
The original OAuth scopes for Forge and OAuth 2.0 (3LO) apps on Confluence Cloud, Jira Cloud platform, and Jira Service Management Cloud are deprecated.
All Forge and OAuth 2.0 (3LO) apps must use the new scopes by 23 August 2022 PDT / 24 August 2022 AEST. After this date, only apps using the new scopes will function as expected, as the original scopes will have been removed.
See the following documentation for more details:
Jira Cloud platform scopes for OAuth 2.0 (3LO) and Forge apps
Jira Service Management Cloud scopes for OAuth 2.0 (3LO) and Forge apps
Run npm install -g @forge/cli@latest on the command line to install the latest version of @forge/cli.
We’re introducing new scopes for Forge and OAuth 2.0 (3LO) apps that run on Confluence Cloud. This is part of Atlassian’s initiative to enhance security and build customer trust.
The new scopes provide administrators and users with finer-grained information about the data that apps can access, enabling them to make better decisions about installing apps.
See Confluence Cloud scopes for more details.
We added a new set of Confluence APIs for User properties. In addition to addon, content, and space properties, Confluence now lets you store user properties and wire them in to equivalent hosted data storage conditions.
Note that these properties are at a site level per user per app and not at the space or content level. Furthermore, we are ensuring properties stay isolated amongst different developer apps.
We’ve updated how staticContentMacros items are rendered on legacy pages. Rendering is now done in parallel to improve page load times.
In addition to existing events related to Confluence pages, blogposts, tasks, and comments, Forge apps can now subscribe to Confluence space events. For historical reasons, they all have a :V2 suffix:
Created: avi:confluence:created:space:V2
Updated: avi:confluence:updated:space:V2
See examples and payload information here.
We’ve introduced a global page module (confluence:globalPage). This module adds an item in the Apps section of the main navigation. When the menu item is selected, Confluence renders a new page. Use the UI kit or custom UI to create content for the page.
Run npm install @forge/ui@latest on the command line in your app directory to install the latest version of the UI kit.
We’ve released a fix for https://ecosystem.atlassian.net/browse/FRGE-212. Forge apps and Connect on Forge apps can now access restricted APIs by defining additional scopes in their manifest. For new app and new scopes added to an app, scopes are added to the manifest and deployed. However, for Forge apps with existing scopes, for the correct scope behavior to take effect a major version update is needed. The scopes are then synced with the next installation or upgrade.
We have enhanced APIs to include optional response parameter total size. You can now:
These will return the total counts of objects before pagination is applied.
Total size parameter is retrieved if it is explicitly requested. To request total size parameter we have added a new request parameter shouldReturnTotalSize.