Service Disruption in Confluence Cloud Integration

Incident Report for SAP LeanIX

Postmortem

Incident Description

From 2025-08-07 12:00 UTC to 2025-08-08 11:00 UTC, users across EU, US, and AUS regions experienced login failures when accessing the Confluence Cloud integration. The login popup window opened and closed immediately, preventing successful authentication and causing Confluence macros to fail rendering content.

During this period, affected customers were unable to complete Confluence Cloud login flows, significantly impacting user experience.

Incident Resolution

The root cause was traced to a security fix that introduced this unexpected behavior.

Reverting the PR restored access to the modal, allowing inter-window communication and a successful login completion.

Root Cause Analysis

The security fix was essential but introduced unintended side effects by disabling access to window.opener. The existing login flow depended on this property to post messages between popup and parent windows.

The interaction between modern security best practices and existing application logic, particularly around iframe and popup window messaging, was not fully tested. Testing iframe behavior in local environments is inherently challenging, limiting early detection.

Preventative Measures

  • Collaborate with cross-functional teams to support complex test scenarios involving inter-window communication.
  • Enhance monitoring and alerting around critical login flows to detect regressions promptly.
Posted Aug 18, 2025 - 12:31 UTC

Resolved

This incident has been resolved. We appreciate your patience and understanding.
Posted Aug 08, 2025 - 12:29 UTC

Monitoring

We have implemented a fix and have seen full recovery of functionality. We will continue to monitor the situation.
Posted Aug 08, 2025 - 11:59 UTC

Investigating

We are currently experiencing a service disruption in the Confulence Cloud Integration. Our team is working to identify the root cause and implement a solution.

We will send an additional update in 2 hours.
Posted Aug 08, 2025 - 10:10 UTC
This incident affected: AE Instances, AU Instances, BR Instances, CA Instances, CH Instances, DE instances, EU Instances, JP Instances, SG Instances, UK Instances, and US Instances.