Developer
News and Updates
Get Support
Sign in
Get Support
Sign in
DOCUMENTATION
Cloud
Data Center
Resources
Sign in
Sign in
DOCUMENTATION
Cloud
Data Center
Resources
Sign in
Last updated Jun 30, 2026

Supported tools

The Atlassian Rovo MCP Server supports a catalog of tools across Atlassian apps. Each tool is organized into a permission group, with each group bundling one or more tools by intent (for example, read, write, or search).

Permission groups and access

Organization admins grant or revoke access at the permission-group level, and each tool inherits the access of its parent group. Some tools do not belong to a permission group and are required for the overall operation of the MCP server.

Authentication requirements by product

Availability of a tool depends on the authentication method in use:

ProductAvailability
JiraOAuth 2.1 and API token authentication
ConfluenceOAuth 2.1 and API token authentication
CompassOAuth 2.1 only
Jira Service ManagementAPI token authentication only
Bitbucket CloudAPI token authentication (with scopes) only; the Bitbucket workspace must be linked to an organization

API-token-only tools are available only if authentication via API token (or an API token with scopes, for Bitbucket) has been enabled by your organization admin.

Teamwork Graph and third-party data

Teamwork Graph MCP tools can retrieve data from third-party services connected to Jira, such as linked pull requests, builds, and deployments. For the GitHub for Atlassian connector, the data retrievable via MCP depends on the permission level granted to the connector:

  • Full access - MCP tools can retrieve GitHub data based on the user's GitHub permissions.
  • Limited access - MCP tools can retrieve GitHub data based on the user's Jira permissions, which may differ from their GitHub permissions. If a user can see a GitHub link in a Jira work item, they can retrieve only what is shown on that work item.

Security guidance

MCP clients can perform actions in Jira, Confluence, and Compass with your existing permissions. Use least privilege, review high-impact changes before confirming, and monitor audit logs for unusual activity.

Next steps

Rate this page: