Open issues

https://auth.atlassian.io/oauth2/token responds with 400 on internal timeout instead of 503
AC-2510
Allow customers (or add-ons) to customize the add-on user Display name
AC-2507
Ability to disable self as an app
AC-2503
Connect users remain active when the add-on is uninstalled
AC-2499
API for tenant lifecycle status
AC-2490
Remove undocumented legacy iframe URL query parameters
AC-2457
Return error information if an add-on tries to do user impersonation of an add-on user
AC-2446
User_is_logged_in condition state is not immediately updated after user is disabled
AC-2445
Validate web fragment locations against a whitelist
AC-2383
Perform strict schema validation
AC-2381
Include conditions and their parameters in the JSON schema
AC-2368
Display metric alarms to JIRA and Confluence add-on developers
AC-2367
Add "I'm a developer" to the JIRA and Confluence onboarding flows
AC-2340
Calls to /rest/atlassian-connect/1/addons/{addonKey} do not return host.contacts.*
AC-2322
Error provisioning add-on user due to missing default group for some applications
AC-2320
Need condition that compares an entity property with another entity propery
AC-2310
Opt-in concurrency support for hosted properties
AC-2279
New tenant clientkeys
AC-2277
Add rate-limiting for requests from add-ons
AC-2261
Improve communication around service desk agents in cloud dev instances
AC-2256
Atlassian Connect add-on integrations with JIRA and Confluence mobile
AC-2225
Send "state-token" back to add-on to identify organization from multi-tenant SaaS application on install/REST requests
AC-2199
User impersonation does not to work when attaching a file to a JIRA issue
AC-2186
can_use_application for cross application conditions
AC-2162
Navigation menu will not expand when being placed under More section
AC-2154
The postInstallPage and configurePage should be web items instead of general pages.
AC-2103
Addon vendors need a way to flag users to contact them
AC-2073
Support routing of failed delivery webhook traffic to an endpoint that isn't the addons primary endpoint
AC-2068
User Impersonation - Add impersonator to webhook events
AC-2054
Can Atlassian Connect generate a token that I can use to securely talk to another add-on?
AC-2031
Improve cloud dev on-boarding process for Confluence developers
AC-1939
Trigger download of add-on descriptor from remote host via REST API
AC-1913
Support JWT in URL fragment
AC-1912
As Connect add-on developer, I want certain content/entity properties pre-fetched into my module call, to improve user experience
AC-1900
Allow for add-ons to register webhooks dynamically
AC-1871
Create an access log of all of the requests that an add-on makes to the host product
AC-1858
Solve the "locations" problem in JIRA and Confluence once and for all
AC-1856
Allow the ability to migrate the baseUrl for an Atlassian Connect add-on.
AC-1855
Write the documentation for the entity properties contains condition
AC-1851
Create P2 condition for Confluence called entity_property_contains
AC-1850
Create the entity_property_contains condition for add-on conditions
AC-1849
Create P2 condition for JIRA called entity_property_contains
AC-1848
Condition that compares a user property with a global property
AC-1846
Ability to handle webooks with statically provided code
AC-1839
Add conditions to Webhooks
AC-1824
Register webhooks with filters
AC-1817
Update the license conditions to select other addons
AC-1815
Provide a link to the Marketplace listing for the add-on in error messages instructing the customer to contact the vendor
AC-1761
Context parameters in webhook URLs don't work
AC-1692
Iframe module URL's for the root of the add-on host have two slashes
AC-1663
issue 1 of 120

https://auth.atlassian.io/oauth2/token responds with 400 on internal timeout instead of 503

Description

We're developers of Structure for Cloud. Our app needs to make requests on behalf of users of our app.
In the interval of time between 2019-09-12T09:46:51.508+0300 and 2019-09-12T09:46:56.838+0300 we've sent a request to https://auth.atlassian.io/oauth2/token and received a response with status 400 Bad Request and the following payload:

Internal problems like the one described in the error response should be reported as server problem — e.g., 503 Service Unavailable, — not client error like 400 Bad Request, because the request is fine by itself.

We are affected by that because we need to spend resources acting on such errors — in case we are using the resource in the wrong way. If it was marked as 503, we wouldn't waste time acting on it.

This was previously mentioned in https://ecosystem.atlassian.net/browse/AC-2502, which is now marked as "Fixed". The comment there quotes https://ecosystem.atlassian.net/browse/DEVHELP-2969 which has the same error.

Environment

None

Testing Notes

None

Status

Assignee

Unassigned

Reporter

Igor Baltiyskiy

Labels

None

Add-on Type

None

Team

None

CC

None

Risk factor

None

QA Kickoff Status

None

QA Demo Status

None

Priority

Major
Configure