Scopes

Scopes allow an app to request a particular level of access to an Atlassian product.

Within a particular product instance, an administrator may further limit app actions, allowing administrators to safely install apps they otherwise would not.
The scopes may allow the potential to access beta or non-public APIs that are later changed in or removed from the Atlassian product. The inclusion of the API endpoint in a scope does not imply that the product makes this endpoint public. Read the Jira Cloud platform REST API documentation for details.

Scopes for Atlassian Connect apps

If you are building an Atlassian Connect app for Jira, use the following scopes:

Scope name	Description
`NONE`	Access app-defined data. This scope does not need to be declared in the descriptor.
`READ`	View, browse, and read information from Jira.
`WRITE`	Create or edit content in Jira, but not delete content.
`DELETE`	Delete content in Jira.
`PROJECT_ADMIN`	Administer a project in Jira.
`ADMIN`	Administer the Jira site.
`ACT_AS_USER`	Enact services on a user's behalf.
`ACCESS_EMAIL_ADDRESSES`	Get the email addresses of users.

Scopes are declared as a top level attribute of atlassian-connect.json app descriptor as in this example:

{
    "baseUrl": "http://my-app.com",
    "key": "atlassian-connect-app",
    "scopes": [
        "read", "write"
    ],
    "modules": {}
}