Display conditions
Permissions

Endpoint

The endpoint module type specifies properties of an endpoint such as its authorization, the key of the remote that hosts the endpoint, and the route to that endpoint relative to the remote's base URL.

To implement custom functionality in your Forge app using a remote resolver, specify the endpoint key in the endpoint property of the resolver object for the module.

PropertyTypeRequiredDescription
keystringYes

A key for the endpoint, which other modules can refer to. Must be unique within the list of endpoints and have a maximum of 23 characters.

Regex: ^[a-zA-Z0-9_-]+$

remotestringYesThe remote key that defines the base portion of the path for this endpoint.
route{path:string}No

The path appended to the baseUrl property of the remote object when invoking this endpoint.

This property is only required for backend module endpoints.

UI module remote resolver endpoint paths are always specified in invokeRemote requests in the app's front end.

authobjectNoAn object that defines the auth options available to the remote endpoint when calling Forge functions
auth.appUserToken.enabledbooleanNo

If true and the remote endpoint is invoked within a user's login session, Forge includes an appUserToken in the Forge Invocation Token it sends to the remote app.

This token can be used by the remote app when invoking an Atlassian product API, to invoke the API with the permissions of the user in whose login session the app is running.

Specifically, the API will have only as much access to the site's data as that user does. For example, if the user does not have permission to see pages in a particular space or issues in a particular project, the API won't provide them access to that space or page, either.

Forge modules that run outside of a user's login session, such as an app lifecycle event or product event are not associated with a user and cannot send an appUserToken to the remote app.

If an endpoint opts to enable remote user token access, the read:appUserToken scope must also be specified in the Permissions section of the manifest.

auth.appSystemToken.enabledbooleanNo

If true, Forge includes an appSystemToken in the Forge Invocation Token it sends to the remote app.

This token can be used by the remote app when invoking an Atlassian product API, to invoke the API with the permissions of the generic "bot user for the app.

If an endpoint opts to enable remote system token access, the read:appSystemToken scope must also be specified in the Permissions section of the manifest.

Modifying the endpoint entries results in a major version upgrade of your app upon deploy. Your app users will again be required to consent to your app's permissions.

Example

1
2
modules:
  scheduledTrigger:
    - key: remote-scheduled-trigger-boot
      endpoint: remote-trigger-boot
      interval: hour
  endpoint:
    - key: remote-trigger-boot
      remote: remote-app-node
      route:
        path: /forge-trigger
      auth:
        appUserToken:
          enabled: true
        appSystemToken:
          enabled: false

Rate this page: