5.2.4 "Connected" but inaccessible?

Owned by Junfeng Liu
Aug 31, 2022
2 min read

Learn about link access rules:

Regardless of OAuth (impersonation) or Oauth, if you want to access the data of the other application from one end of the application, you must confirm which user you want to access the data as the other end.

The authentication under OAuth(impersonation) is to automatically match the user names of the applications on both ends. Take Confluence accessing Jira data through the application link as an example, if the current login user of Confluence is "kaifa1", when accessing jira data through the application link , the remote jira side will match the temporary token granted access by the user "kaifa1", and return it to the confluence side with the data that the jira "kaifa1" user can access. If there is no user "kiafa1" on the jira side, there is no identity to access jira , resulting in anonymous access to confluence without identity, and no access to any data ("OAuth (impersonation)");

OAuth can avoid the problem that the jira side cannot match the user to a certain extent, because the real access token needs to be used, and the temporary token will not be automatically matched, so the user must first go to the remote end of the application to authorize and get the Oauth of the remote end user .

The following is the current application link status

 

 

 

Scenario 1:

The outgoing and incoming methods of links are in OAuth (impersonation), but there is no currently logged in user at the remote end. Take the case of "kaifa1" in the configuration and no "kaifa1" in the JIRA side, the problem of anonymity and no identity will occur in the configuration access and no data can be accessed.

Scenario 2:

The outgoing and incoming methods of links are in Oauth, but the current user does not access the token Oauth on the remote side, causing the problem of no token anonymity and no access to any data.

Scenario 3:

The outgoing and incoming methods of links are in Oauth, but the user who is given access token OAuth by the current user at the remote end is deleted, which leads to the problem of anonymity and no access to any data.