Last updated Feb 10, 2025

Changelog

This page includes release notes and updates for Jira Cloud app developers. Use this page to keep track of upcoming changes, deprecation notices, new features, and feature updates from Jira Service Management Cloud.

Go to our developer community to ask questions. You may also be interested in the What's New blog for Atlassian Cloud where details of major changes that affect all users of the Jira Cloud products are announced.

10 February 2025

Deprecation Notice Deprecation of automation.atlassian.com incoming webhooks for Automation rules

We will remove support for Automation incoming webhooks that reference the automation.atlassian.com domain. Webhooks created before 28 January 2025 are affected. Applications that trigger rules via those incoming webhooks will need to change the URL they use, and add an additional HTTP header. Expand the details for more information.

More details

We're updating the incoming webhooks trigger in Atlassian automation. This update is part of our continuous focus to uplift the security and reliability of automation.

What is changing?

We are deprecating the domain automation.atlassian.com for incoming webhooks, and replacing it with a more secure endpoint in a different domain. The URLs to trigger webhooks have a different structure, and an additional HTTP header is required. The webhooks that use the old domain automation.atlassian.com will stop working on 30 May 2025.

How does that impact me?

All new rules created since 28 January 2025 are already using the new endpoint and header, and no action is required.

Rules with incoming webhooks created before 28 January 2025 will work normally until 30 May 2025 without any change. However, for these rules to continue working after that date, manual changes are required to use the new endpoint before 30 May 2025.

How do I migrate to the new endpoint?

To migrate existing rules to the new endpoint, follow these steps:

  1. Open the Automation rule list in Jira or Confluence.

  2. Click on the ‘Trigger' filter and select the ‘Incoming webhook’ filter. All rules containing an incoming webhook trigger will be shown.

  3. Open one of these rules in the rulebuilder and select the trigger component.

  4. Copy the new URL and secret.

  5. Enter the new URL and secret into your connected application, and add a new HTTP header with the name X-Automation-Webhook-Token. The method to do this can vary between applications, so you may need to check what the instructions are for your application. If your application does not support custom HTTP headers, you can instead insert a slash at the end of the URL and add the secret after this. For example, https://URL/SECRET. This will allow you to update your rules without the need for a HTTP header. However, we recommend using the header if possible, as it provides more security for your secret.

  6. You can verify if the new URL successfully triggered your rule by visiting the audit log after it runs.

  7. Repeat the above steps for all rules containing an incoming webhook trigger.

8 February 2025

Removed Jira and Confluence Cloud API's will reject malformed GET requests with a body payload/data

To improve performance and address constantly evolving threats on the web, Atlassian is enabling AWS Cloudfront Content Delivery Network (CDN) and Web Application Firewall (WAF) for all Confluence and Jira Cloud customers.

This rollout will occur over the coming months, country by country, with each country taking around 1-2 weeks to complete the migration.

This improvement may unfortunately impact a small number of Jira and Confluence Cloud API integrations (like those written in Python, Node/JS, Java, libcurl, Axios, atlassian-connect-express, etc) that are accidentally including a body/data/payload in GET requests.

Such requests will no longer have their body payload silently discarded and continue to be processed. Instead, they will be rejected with a HTTP 403 response code.

Atlassian products such as Loom, Trello, Opsgenie, Statuspage etc already reject GET requests with Body payloads.

For resolution instructions see more details below.

More details

Previously Jira and Confluence Cloud APIs silently discarded any body included with a HTTP GET request and continued to process the request as normal. Unfortunately, AWS Cloudfront will actively reject such requests:

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#RequestCustom-get-body

If a viewer GET request includes a body, CloudFront returns an HTTP status code 403 (Forbidden) to the viewer.

HTTP clients (other than browsers) that attempt to include a body with a GET request will observe a HTTP 403 response code, with text like the following:

1 2 3 4 5 6 7 8 9 403 ERROR The request could not be satisfied. Request blocked. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation. Generated by cloudfront (CloudFront) Request ID: L23_HKTRmXpYbGS8c9dcwq-Zy5fx3_a7htuNzMlvJE6rW814efVx2h==

Unfortunately, it is not possible to configure Cloudfront to preserve the existing silent discard behavior which previously allowed these malformed requests to be successful.

Resolution

To resolve the issue ensure that your HTTP client code for your API integration does not include any body with its GET requests. These are never necessary and were previously discarded.

We have found that some developers are not even aware their program or script is including a body with a GET, and the most common body payloads are as follows:

1 2 3 4 5 {} "" ''

 

I saw the error in my Chrome/Firefox/Edge/Safari etc browser

If you observed the aforementioned error in your browser then the underlying cause is different, as browsers do not send GET requests with a body.

Please contact Atlassian Support, and ideally include the full text of the error, including Trace ID, and a HAR file covering the error:  https://confluence.atlassian.com/kb/generating-har-files-and-analyzing-web-requests-720420612.html  

5 February 2025

Added Minor updates for apps adopting Forge from Connect is now available in Preview for Jira

Until now, the first version of an app to adopt Forge features or migrate fully to Forge required admin approval in order to be upgraded on an existing installation site.

Connect apps moving to Forge can opt-in to have their existing Connect installations updated to their latest Forge version, as long as they do not have an elevation in permissions. The rollout will be staggered over 96 hours by default, but can be further staggered via the staged migration process.

Instructions on how to opt your app in to this feature and check its eligibility can be found at Minor version updates (Connect to Forge) (Preview).

28 January 2025

Deprecation Notice Third-party package mirrors will no longer be available

We are removing mirrors of third-party packages such as maven-central from packages.atlassian.com

More details

We're updating how we provide packages for customers and partners to develop with our platforms. Starting February 1, 2025, we will discontinue providing third-party packages on packages.atlassian.com. Instead, customers and partners must fetch these packages directly from the original upstream repositories.

For details on how this change affects you and for guidance on migration, please refer to the documentation available on Atlassian Developer .

21 January 2025

Announcement Project/Fields Association Improvements for team-managed projects

We are shipping a new page that allows project admins to manage the fields associated in each of their team-managed projects.

Affected APIs

The following APIs providing the fields parameter will be affected, with all and navigable field sets being narrowed down to only those fields that are explicitly added to the project.

Similar changes will be applied to webhooks, with the issue data that is sent by the webhook limited to the fields explicitly added to the project.

When these changes are rolled out, your app will need to:

  • Be able to handle receiving a partial list of fields that can differ between projects and between project/issue-types depending on the custom fields the admin has configured for each project and issue type

  • Be prepared for an admin potentially removing access to a required custom field from a project or project+issue type in which the app is used, at any time

This change will be rolled out progressively late February 2025 onwards. Please leave any further comments on https://community.developer.atlassian.com/t/rfc-70-project-fields-association-improvements-for-team-managed-projects/85254.

7 January 2025

Announcement Taking the Ecosystem Forward: An Update on the Future of Connect

Today we published a blog titled Taking the Ecosystem Forward: An Update on the Future of Connect, which shares an early look at plans to phase out support for Connect. This early announcement is intended for owners of business critical Connect apps, including partners and customers with custom apps, to provide ample time to explore requirements and arrive at a fair timeline for end of support, together.

We’re seeking your feedback to help us shape the next steps for Connect - you can provide your feedback via the survey linked in the blog post.

More details

The blog post details the key stages of our plan, as we progress on this journey. By the final stage, Connect will enter an end of support state (defined in the blog post), where apps can continue to utilise Connect modules, but do so at their own risk. At this stage, we do not have definitive dates for each of these phases - determining a fair and appropriate end of support date will be a joint effort with our partners and other app builders. The purpose of today’s announcement is to start that conversation.

18 December 2024

Request for Comments (RFC) RFC-79: Jira Cloud REST API Endpoints for Plans

12 December 2024

Added Introducing UI Kit ADF Renderer component in preview

The AdfRenderer component provides a way to render a valid ADF document, using the same renderer that Atlassian uses internally to render ADF content in Confluence pages, Jira work items, and so on. See ADF renderer for the full docs.

More details

The ADF renderer component also allows you to replace node types that are unsupported in the context of a Forge app with replacement content, or remove them entirely.

See Atlassian Document Format for information on valid nodes.

Run npm i @forge/react@latest to install the preview version of the components and try them out now.

5 December 2024

Removed  UI Kit @forge/react version 9 has been retired

We have now removed the UI Kit @forge/react version 9 from the Forge platform. This UI Kit version was deprecated on Aug 28, 2024.

We recommend using the latest version of UI Kit (@forge/react10).

For more information, see our deprecation policy.

3 December 2024

Deprecation Notice Changes to Assets ObjectTypeAttribute and ReferenceType response body

We are making changes to the ObjectTypeAttribute and ReferenceType response payload for all endpoints within the REST API’s for Assets in Jira Service Management cloud.

  • We will be removing the objectAttributeExists attribute from the ObjectTypeAttribute response payload across all endpoints.

  • We will be removing the removable attribute from the ReferenceType response payload across all endpoints.

These changes will be made on or after Jan 31, 2025

More details

In the interest of performance, we will be removing support for the objectAttributeExists attribute from the ObjectTypeAttribute response payload and the removable attribute from the ReferenceType response payload for all endpoints. The following endpoints are affected:

2 December 2024

Added New Jira issue navigator action Forge module

We’ve added the jira:issueNavigatorAction module to Forge. You can use it to create custom actions on the issue navigator view. For more details, see the Jira issue navigator action documentation.

To be able to use the new module, you must first update the Forge CLI:
npm install -g @forge/cli@latest

Added New display conditions in Jira

We’ve just introduced multiple new display conditions for use with Jira Forge modules, including conditions for checking entity properties. The new arrivals also include conditions for app licenses and permissions, as well as the powerful Jira expression condition. We’re happy to say that, with this change, Forge display conditions have now reached feature parity with Connect.

See more details in the documentation: Display conditions.

19 November 2024

Announcement New process for reporting bugs and incidents to Ecosystem support

We now accept bug and incident reports under a single new request type: Ecosystem Support Request. This change simplifies the process of reporting issues to our support team, so that we can handle your issue more efficiently, and ensure consistent handling for all critical issues, particularly incidents.

We’ve also detailed the scope of our Developer and Marketplace support, so you have a better understanding of supported issues and response times.

10 November 2024

Deprecation Notice Third-party package mirrors will no longer be available

We are removing mirrors of third-party packages such as maven-central from packages.atlassian.com

More details

We're updating how we provide packages for customers and partners to develop with our platforms. Starting February 1, 2025, we will discontinue providing third-party packages on packages.atlassian.com. Instead, customers and partners must fetch these packages directly from the original upstream repositories.

For details on how this change affects you and for guidance on migration, please refer to the documentation available at http://developer.atlassian.com .

22 October 2024

Announcement Withdrawing issue creation permissions for the ACJIRA project

The Atlassian Connect in Jira Cloud project in the Atlassian Ecosystem Jira tracks issues with Atlassian Connect in Jira and its REST API. To improve response times, we’re no longer accepting new issues in this Jira project as of this announcement. Instead, we encourage our partners to file issues with Developer and Marketplace support.

Rate this page: