Rate this page:
This page includes release notes and updates for Jira Cloud app developers. Use this page to keep track of upcoming changes, deprecation notices, new features, and feature updates from Jira Service Management Cloud.
Go to our developer community to ask questions. You may also be interested in the What's New blog for Atlassian Cloud where details of major changes that affect all users of the Jira Cloud products are announced.
We’re opening a 3 month deprecation period where Workflow status properties with the shape jira.permission[.subtasks].{permission}.group.[.suffix] will require a group id instead of a group name.
To ensure we can rename groups safely, we’ll no longer support group names in status properties.
If your workflow uses a status property with the shape jira.permission[.subtasks].{permission}.group.[.suffix], your admin will have to change the value to the group’s id.
Site admins can find a group’s id by going to Settings > User management > Groups. After selecting a group, the id will be at the end of the URL.
If your app uses the above Workflow status properties you will need to update your code to use group id’s instead of group name by the end of the deprecation period.
We previously announced the deprecation of JWT query strings as a means to authenticate to the product REST APIs as a Connect app in August 2021 - Action Required: Deprecating support for passing Connect JWTs as a query string parameter to Atlassian APIs. This was to be enforced on Feb 1, 2022, however the enforcement of this change was not comprehensive and a small number of apps continued to use the existing query string method.
We’re now proceeding with the complete removal of ?jwt= query string support from the Jira and Confluence APIs. If you currently still utilise JWT query strings, you will be allowlisted to continue until Aug 31, 2023 without any action on your end. After this date, the Atlassian Jira and Confluence APIs will no longer inspect the ?jwt= query string parameter and requests for all apps, and consequently may fail with a HTTP 401 response.
Please utilise the JWT auth header as a means to authenticate as outlined in: https://developer.atlassian.com/cloud/jira/platform/understanding-jwt-for-connect-apps/#creating-a-jwt-token
Accepting sensitive JWTs as a query string parameter presents a problem as the query string is often saved in web browser history, passed through Referers to other web sites, stored in web logs such as intermediate proxy servers.
If your app provides its Connect JWT to the Atlassian APIs as a query string parameter, you must update it to pass the JWT via an Authorization: JWT header.
We’re now proceeding with the complete removal of ?jwt= query string support from the Jira and Confluence APIs. If you currently still utilise JWT query strings, you will be allowlisted to continue until Aug 31, 2023 without any action on your end. After this date, the Atlassian Jira and Confluence APIs will no longer inspect the ?jwt= query string parameter and requests for all apps, and consequently may fail with a HTTP 401 response."
Added Singapore as supported realm for Connect data residency.
As a reminder, if you indicate support for a realm, it means your app stores the relevant, in-scope data only in that realm - any in-scope data that your app stores must be stored in that realm. You should not declare the regionBaseURL for Singapore unless you use storage infrastructure in Singapore to pin in-scope data for customers in this region. For more information, please refer to the Connect data residency documentation.
The src property of the UI Kit Image component will go through a permission check in the near future.
A specific date cannot be given for this change since it will depend on when each product adopts it.
If the Image component is using an URL as its source, follow this External Permissions - Image guide to add permissions for that URL.
data:image URIs will be allowed by default as the Image source.
If the corresponding permission is not given to the source of the image when specified with a URL, then the image will not load.
Previously, Forge apps could only be invoked by licensed, authenticated users. With this new feature, unlicensed users (anonymous users, customer accounts, and unlicensed accounts) can now interact with Forge apps for the first time. This is currently supported only for Jira Service Management modules.
Developers retain complete control over which types of unlicensed users can access specific modules by defining access in their manifest.
Documentation can be found here:
https://developer.atlassian.com/platform/forge/access-to-forge-apps-for-unlicensed-jsm-users/.
To help you debug your Forge apps, the developer console now lets you group your metrics by app function. Each chart now has a Group by dropdown menu, with the option to select Function. For more information, see Monitor your apps.
We’ve introduced a new metric to the developer console - invocation time! You can now see the invocation time for your Forge apps by selecting Metrics in the left menu and scrolling to the new invocation time chart, which shows the speed of your function invocations, separated into time buckets.
You can also select the Go to detailed view link at the bottom of the chart, to get a more in-depth view of invocation time, including the P50, P90, and P95 for individual functions.
We're happy to announce that the custom field and custom field type modules are leaving the Early access program and are becoming generally available. Both modules are ready for production use and we're committed to maintaining them in the current state. We also won’t release any changes that would break backward compatibility without at least six months' notice.
We have now added jiraServiceManagement:portalRequestCreatePropertyPanel to UI kit component templates. This module which was only limited to Custom UI is now extended to UI kit components to build the user interface of your app.
Run npm install @forge/ui@latest on the command line in your app directory to install the latest version of the UI kit.
For more information, see Jira Service Management portal request create property panel documentation.
To make it easier and safer to distribute your Forge app via the developer console, you can now generate new installation links. When you generate a new link, users with the previous link will no longer be able to install your app (however, they can still update to new versions). This gives you more control when distributing your app to specific audiences.
On January 18, 2023, we'll be extending the length of API tokens for Atlassian accounts, API keys, and Repository Access Tokens. This ensures new tokens and keys generated after this date are more secure and reliable. Tokens and keys created before January 18, 2023 won’t be affected.
In the developer console, you can now edit the target value of your Forge app alert. Previously, the alert was set at a target value of 99%. Now you can choose from a number of values between 99% and 60%.
For more information, see Manage app alerts.
The full-page issue create experience will be retired for all Jira Cloud customers over the next 6 months. Although there is no formal API for the full-page issue create experience, it’s possible that some apps may be relying on it and will need to be updated. For more information, read this community post.
The Jira/Confluence Cloud First Releases for Ecosystem initiative has been renamed to Developer Canary Program and now includes an app to provide self-service capabilities for developers.
For more information on how to get started with the program, see the Developer Canary Program documentation.
To access the Developer Canary Program app for:
Jira Cloud, visit the app in Marketplace at Developer Assistant for Jira.
Confluence Cloud, visit the app in Marketplace at Developer Assistant for Confluence.