Changelog

This page includes release notes and updates for Jira Cloud app developers. Use this page to keep track of upcoming changes, deprecation notices, new features, and feature updates from Jira Cloud.

Go to our developer community to ask questions. You may also be interested in the What's New blog for Atlassian Cloud where details of major changes that affect all users of the Jira Cloud products are announced.

4 August 2021

notice - Deprecation Deprecation of persistent refresh tokens for OAuth 2.0 integrations

From 4th August 2021, persistent refresh tokens are deprecated. All new OAuth 2.0 integrations use rotating refresh tokens.

During the deprecation window, you’ll be able to switch between both refresh token behaviors in the developer console.

From 1st November 2021, all OAuth 2.0 integrations must use rotating refresh tokens and the refresh token options in the developer console are removed.

Learn more about this change and chat with us on the developer community post.

24 June 2021

added OAuth 2.0 Webhooks

OAuth 2.0 apps can now listen to dynamic webhooks. Apps manage dynamic webhooks using the Webhooks resource. See the Webhooks documentation for more information.

21 June 2021

removed Delete board operation for team-managed projects in Jira Software

As team-managed projects in Jira Software only support one board, the ability to delete the board from a team-managed project has been removed from the Delete board operation. The operation continues to support the deletion of boards from company-managed projects. See the developer community post Change notice: DELETE Board API in Jira Software team-managed projects for more details

18 June 2021

notice - change Connect app lifecycle events security improvements

The first install callback sent by Atlassian to your Connect app is not signed. This could present a security risk. This change ensures that all install and uninstall callbacks are signed so you can verify that a request is genuine. This is a breaking change. Affected apps must be updated by 20 Aug 2021.

See the developer community post Action Required - Atlassian Connect installation lifecycle security improvements for more details.

15 June 2021

Notice - Deprecation conditions parameter in workflow search response

The conditions body parameter in Get workflows paginated (GET /rest/api/3/workflow/search) will not be returned after 15 December 2021. The change affects all API versions.

See Deprecation of conditions body param for more information.

Bug fixes Bug in new user's default roles fixed

A bug that caused new users to get more roles than the site admin had configured for the site is fixed.

See the full announcement here

Notice - Deprecation Deprecation of field values Epic Link and Parent in issue history changelogs

Atlassian is standardizing the reparenting of issues across the Jira products. As a consequence, several REST API operations and webhooks will cease to report Epic Link and Parent values in field in issue history changelogs.

See Deprecation notice: Issue changelogs for issue parenting for more detail.

25 May 2021

notice - change JQL queries containing issuekey or issue changes

JQL queries containing issuekey or issue will have the error messages and response code changed.

See the full announcement here

1 May 2021

Notice - Deprecation Deprecation of hierarchy level on issues

Atlassian is standardizing how issue type hierarchies are created and configured across the Jira product suite. As a consequence, several REST API operations will cease to report a hierarchy level on issues from 1 November 2021.

See Deprecation notice: Hierarchy level changes for more detail.

16 April 2021

Notice - Deprecation Deprecation of context JWTs without QSH

A breaking API change will be made to Atlassian Connect in Jira and Confluence Cloud to mitigate a vulnerability in the verification of the qsh claim in Connect JWT authentication. The change affects apps that specify an authentication descriptor setting of jwt.

See more at https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072

added Rebranding of Jira classic and next-gen projects

Classic and next-gen projects in Jira now have new names that are clearer and more descriptive of their corresponding project types:

• Next-gen projects will be named team-managed projects. The functionality itself remains the same and will continue to be ideal for independent teams who want to control their own working processes and practices in a self-contained space.
• Classic projects will be named company-managed projects. Set up and maintained by Jira admins, company-managed projects will remain the best choice for teams who want to work with other teams across many projects in a standard way, such as sharing a workflow.

Learn more about how we're simplifying project creation in Jira.

25 March 2021

Notice - Deprecation Deprecation of JQL searches on custom fields of types Domain of reporter and Domain of assignee

JQL clauses using custom fields of types Domain of reporter and Domain of assignee will no longer be supported as of 01 October 2021.

See more at https://community.developer.atlassian.com/t/removal-of-support-for-domain-of-reporter-and-domain-of-assignee-custom-field-types-in-jql/46467

17 March 2021

updated Adding browse project permission check for viewing custom issue type avatars

From 5 April 2021, we're introducing a permission check to the GET avatars operation when fetching issue type avatars. Custom avatars are only returned if the user has the Browse projects project permission for at least one project the issue type avatar is used in.

Additionally, when trying to view a custom issue type avatar using the /secure/viewavatar path, if the user doesn't have the required permission the appropriate system default avatar is returned.

See Adding browse project permission check for viewing custom issue type avatars for more detail.

9 February 2021

Notice - Change Removing hierarchy level IDs from next-gen APIs

We are removing hierarchy level IDs and entityIDs from next-gen project APIs. Jira will stop returning id, entityId, entityUuid, baseLevelId, aboveLevelId, belowLevelId, and projectConfigurationId on 1 September 2021.

For more details see Change notice: Removing hierarchy level IDs from next-gen APIs

8 December 2020

Notice - Deprecation Deprecation of the Issue custom field options operations

Some operations of the Issue custom field options resource have been replaced with new versions. As a result, the legacy operations in the Issue custom field options resource will be removed on 8 May 2021.

See Removal of custom field options operations for more detail.

22 October 2020

updated Path name changed for custom field options operations

On 22 October the path of experimental operations Get options for field (context), Reorder options (context) and Delete custom field option (context)
changed from customfield to field. Also, the format of fieldId changed to 'customfield_xxxxxx'.

7 April 2020

notice - change Enhanced validation of OAuthClientIds

Commencing on 16 June 2020 and rolling out over two weeks Connect app security is being enhanced by ensuring old OAuthClientId values can not be used.

See Enhanced Validation of OAuthClientIds for more detail.

21 March 2020

updated New sandboxing of Connect App iFrames

From 1 April 2020 the Connect App iframe security is being improved by the sandboxing of various features.

See New sandboxing of Connect App iFrames for more detail.

4 March 2020

Notice - Deprecation Removal of some Connect App install payload fields

On 10 September 2020 the following legacy fields will be removed fron the Connect app install payload:

• pluginsVersion
• serverVersion

See Removal of some Connect App install payload fields for more detail.

11 September 2019

Notice - Deprecation toString representation of sprints in Get issue response

From 1 September 2020, Jira REST API responses that include the Sprint custom field type will no longer return string representations of sprints in the body.

See toString representation of sprints in Get issue response for more detail.

1 October 2019

notice - change Transition Issue API now returns HTTP 409 error code for resource conflict

Some time after 4 May 2020 calls to Transition Issue blocked because another issue transition is being executed will return the status code with 409 (conflict) rather than a 400 (bad request).

See Update in simultaneous transitions of an issue via API for more detail.

20 August 2019

notice - change Padding update for Jira Cloud navigation UI

From 22 Aug 2019 the spacing between Jira’s navigation sidebar and vendor applications is increased by 20px.

See Padding update for Jira Cloud navigation UI for more detail.

15 July 2019

Notice - Deprecation Removal of the ability to disable time tracking

From 16 January 2020 it will no longer be possible to disable time tracking in the Jira Cloud UI and Jira Cloud REST API.

See Removal of the ability to disable time tracking for more detail.

3 June 2019

Notice - Deprecation Updating project types using the REST API

From 3 December 2019 it will no longer be possible to change project type in Jira Cloud via REST APIs.

See Updating project types using the REST API for more detail.

8 March 2019

Notice - Change GET search optimized for fields id and key

id and key fields in GET /rest/api/2/search now return a maximum of 1000 entries.

See GET search optimized for fields id and key for more detail.

28 February 2019

Notice - Deprecation Major changes to Jira Cloud REST APIs to improve user privacy

By 29 April 2019 data used to identify users, such as username and userKey, will be removed from the REST API and replaced by the Atlassian account ID (accountId).

See Deprecation notice and migration guide for major changes to Jira Cloud REST APIs to improve user privacy for more detail.

18 October 2018

Notice - Deprecation Removal of non-paginated project and filter operations

From 1 April 2019 the paginated operations for filters and projects must be used.

See Removal of non-paginated project and filter endpoints from REST API v2 for more detail.

10 August 2018

Notice - Change Required encoding of some characters used in REST API calls

From 1 April 2019 encoding of some characters used in REST API calls will be required.

See Required encoding of some characters used in REST API calls for more detail.

31 July 2018

Notice - Deprecation Registering webhooks with non-secure URLs

By 31 December 2018 support for non-secure URLs for registered webhooks will be removed.

See Registering webhooks with non-secure URLs for more detail.

16 July 2018

Notice - Change Get my permissions resource now requires the permissions query parameter

From 1 February 2019 the permissions query parameter will be required in all requests to the Get my permissions operation.

See Get my permissions resource now requires the permissions query parameter for more detail.

22 March 2018

Notice - Change Location will become a required field in board creation

From 3 September 2018 REST API requests to create a board  will require a location.

See Location will become a required field in board creation for more detail.

1 March 2018

Notice - Deprecation Basic authentication with passwords and cookie-based authentication

Basic authentication with passwords and cookie-based authentication will be removed in 2019.

See Basic authentication with passwords and cookie-based authentication for more detail.

10 October 2017

Notice - Deprecation Removal of web fragment locations in new Jira Cloud experience

As the new Jira Cloud experience rolls out, several locations for providing content in the Jira Cloud user interface have evolved and been replaced with new APIs. The items removed are the project tab panels, profile tab panels, and project admin summary panels.

See Removal of web fragment locations in new Jira Cloud experience for more detail.