Last updatedSep 8, 2020

Rate this page:

Scopes

Scopes enable an app to request a level of access to an Atlassian product.

  • Within a product instance, an administrator may further limit app actions, enabling administrators to safely install apps they otherwise would not.
  • The scopes may provide the potential to access beta or non-public APIs that are later changed or removed from the Atlassian product. The inclusion of the API endpoint in a scope doesn't imply that the product makes this endpoint public. Read the Jira Cloud platform REST API documentation for details.
  • Some scopes automatically imply that the app is granted other scopes.

Scopes for Atlassian Connect apps

If you are building an Atlassian Connect app for Confluence, use the following scopes:

Scope nameDescriptionImplied scopes
NONEAccess app-defined data. This scope doesn't need to be declared in the descriptor.
READView, browse, read information from Confluence.NONE
WRITECan create or edit content in Confluence, but not delete them.READ, NONE
DELETEDelete entities from Confluence.WRITE, READ, NONE
SPACE_ADMINAdminister a space in Confluence.DELETE, WRITE, READ, NONE
ADMINAdminister the entire Confluence instance.SPACE_ADMIN, DELETE, WRITE, READ, NONE
ACT_AS_USERAccess content using the permissions of the user running the app.
ACCESS_EMAIL_ADDRESSESGet the email addresses of users.

Scope names can be provided in all lowercase or all upper case, for example, read or READ.

Example

Scopes are declared as a top level attribute of atlassian-connect.json app descriptor as in this example:

1
2
3
4
5
6
7
8
{
    "baseUrl": "http://my-addon.com",
    "key": "atlassian-connect-addon",
    "scopes": [
        "read", "write"
    ],
    "modules": {}
}

Rate this page: