Configuring the Privileged user credentials
- Denny Miller
Due to limitations with the Forge platform, CSUM-Cloud requires a privileged user email and API token to be set. Requirements for the permissions the Privileged User needs are listed in App Security Scopes | Privileged User Permissions
Configuring privileged user credentials
Generate an API token for a valid User that has System Admin permissions. See https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/ for details on how to generate an API token.
In CSUM-Cloud, insert the user email and API token into the Global Settings page:
What happens if credentials are not configured?
Only system admins are currently able to perform group and/or membership operations. If you are not a system admin, attempting these operations will result in an error.
Certain actions, such as group membership changes, are only available with System Admin permissions. It is possible to install CSUM-Cloud and configure the appUser (The user account that makes requests to Confluence for the app) to not have the correct permissions.
This results in unauthorized requests, which cause errors when making requests to Confluence.
Due to this, when credentials are not configured, CSUM-Cloud will not be able to return space page content. Instead, the following message is displayed:
I have Admin permission, why does this need configuring?
The privileged user authentication is separate to the Admin permission access. Both are required to use CSUM-Cloud
The privileged user credentials are used to make requests using the CSUM-Cloud app to the relevant Confluence REST API endpoints when performing space operations (Create Group, Add user, etc).
The admin permission is used to gain access to view the app.
Please see https://thepluginpeople.atlassian.net/wiki/x/AQBNAQE for more information on Permission configuration.