Scopes for Connect and OAuth 2.0 (3LO) apps

Scopes enable an app to request a level of access to an Atlassian product.

Within a product instance, an administrator may further limit app actions, enabling administrators to safely install apps they otherwise would not.
The scopes may provide the potential to access beta or non-public APIs that are later changed or removed from the Atlassian product. The inclusion of the API endpoint in a scope doesn't imply that the product makes this endpoint public. Read the Jira Cloud platform REST API documentation for details.
Some scopes automatically imply that the app is granted other scopes.

Scopes for Atlassian Connect apps

If you are building an Atlassian Connect app for Jira, use the following scopes:

Scope name	Description	Implied scopes
`NONE`	Access app-defined data. This scope does not need to be declared in the descriptor.
`READ`	View, browse, and read information from Jira.	`NONE`
`WRITE`	Create or edit content in Jira, but not delete content.	`READ`, `NONE`
`DELETE`	Delete content in Jira.	`WRITE`, `READ`, `NONE`
`PROJECT_ADMIN`	Administer a project in Jira.	`DELETE`, `WRITE`, `READ`, `NONE`
`ADMIN`	Administer the Jira site.	`PROJECT_ADMIN`, `DELETE`, `WRITE`, `READ`, `NONE`
`ACT_AS_USER`	Access content using the permissions of the user running the app.
`ACCESS_EMAIL_ADDRESSES`	Get the email addresses of users.

Scope names can be provided in all lowercase or all upper case, for example, read or READ.

Scopes are declared as a top level attribute of atlassian-connect.json app descriptor as in this example:

{
    "baseUrl": "http://my-app.com",
    "key": "atlassian-connect-app",
    "scopes": [
        "read", "write"
    ],
    "modules": {}
}

If your app uses OAuth 2.0 authorization code grants (3LO) for authorization, use the following scopes:

Scope name	Summary	Description
`read:jira-user`	View user profiles	View user information in Jira that the user has access to, including usernames, email addresses, and avatars.
`read:jira-work`	View Jira issue data	Read Jira project and issue data, search for issues and objects associated with issues like attachments and worklogs.
`write:jira-work`	Create and manage issues	Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues.
`manage:jira-project`	Manage project settings	Create and edit project settings and create new project-level objects (for example, versions and components).
`manage:jira-configuration`	Manage Jira global settings	Take Jira administration actions (for example, create projects and custom fields, view workflows, and manage issue link types).
`manage:jira-webhook`	Manage Jira webhooks	Fetch, register, refresh, and delete dynamically declared Jira webhooks.

The summary of a scope is displayed to the user on the consent screen during the authorization flow.