Last updated Feb 5, 2025

Minor version updates (Connect to Forge) Preview program

Minor version updates for apps moving from Connect to Forge are now available as an opt-in Forge Preview feature.

To enroll your app in the Preview, see the instructions at Listing your Forge successor app on Marketplace.

If you wish to enroll multiple apps, please complete a request for each app.

Preview features are deemed stable; however, they remain under active development and may be subject to shorter deprecation windows. Preview features are suitable for early adopters in production environments.

We release preview features so partners and developers can study, test, and integrate them prior to General Availability (GA). For more information, see Forge release phases: EAP, Preview, and GA.

To reduce the need for customer admins to approve the installation of a new version of a Connect app that has adopted Forge, we have expanded the criteria for the types of app updates that are minor updates when moving from Connect to Forge.

One of the challenges with updating Connect apps to Forge has been that installing the updated version of the app requires Admin approval due to being a major version update. These approvals are outside the control of partners distributing apps. Therefore, a partner could end up with some customers (who approved the update) on the Forge version of the app and some customers (who have not yet actioned the update) still on the Connect version, resulting in the need to keep maintaining the Connect version even after rollout of the Forge version.

Reducing the need for major updates

We have looked closely at changes to apps that might occur when moving from Connect to Forge such as adding a new remote or updating fetch permissions, and designated a number of them as requiring only a minor version update.

The criteria used to determine whether a change requires a major or minor version update involve considering whether the change represents an elevation of permissions from those that the Connect app already has, or whether the permissions specified for the Forge app just represent an inheritance of permissions from the Connect app. For example, if a Connect app has the WRITE scope, and after adopting Forge, it specifies the write:comment:jira Forge scope, the Forge version of the app is considered to have inherited that permission from the original Connect WRITE scope. If the Forge version of the app adds fetch permissions, that is considered a minor update because it is not adding permissions: Connect apps did not require permissions to be set, to fetch resources.

You can view the list of Connect and Forge OAuth 2.0 scope equivalences for more information on how a Forge scope is determined to be inheriting the intent of an existing Connect scope. In this list, you'll see that many OAuth 2.0 scopes that grant very specific permissions can map to a single Connect scope that grants a broader set of permissions. If your Connect app includes one or more of these broad scopes such as READ or WRITE, you will find that multiple OAuth 2.0 scopes inherit the intent of the Connect scope. Adding any of those to your app will be considered adding scopes that inherit from the existing Connect scope.

This critera is in Preview and is subject to change prior to General Availability.

The following table details the current criteria for minor updates, for the two update scenarios affected by this Preview:

  • Update of a Connect app to Forge
  • Subsequent updates of a Forge app that contains at least one Connect module

Minor update criteria

Type of update

Requires Admin approval when updating from Connect to Forge

Requires Admin approval on subsequent Forge updates

Modification of the remote used for Connect, including changing the baseUrl

Yes checkmarkYes checkmark

Addition of one or more new remotes

No checkmarkNo checkmark

Removal of any non-Connect remote

N/ANo checkmark

Removal of the remote used for Connect

No checkmarkYes checkmark

Addition of Forge-specific OAuth 2.0 scopes that inherit permissions already granted by a Connect scope the customer has already accepted

No checkmarkYes checkmark

Addition of any new scopes (elevating existing Connect scope access)

Yes checkmarkYes checkmark

Addition of additional Forge-specific OAuth 2.0 scopes

No checkmarkYes checkmark

Removal of any scopes (Forge or Connect scopes)

No checkmarkYes checkmark

Licensing updated between Free and Paid

Yes checkmarkYes checkmark

Adding, updating or removing Forge modules

No checkmarkNo checkmark

Modifying content permissions CSP options, external permissions CSP options and URLs, or

fetch permissions options and URLs.

No checkmarkNo checkmark

Addition, removal or modification of a provider, including changing a provider client ID

Yes checkmarkYes checkmark

Rate this page: