Last updated Feb 4, 2025

Equivalent Connect to Forge OAuth2 Scope Mappings

On This Page

    This page provides details of scope mappings which can be utilised when assessing an app's eligibility for minor updates when moving from Connect to Forge.

    Apps moving from Connect to Forge will have to add OAuth2 scopes to interact with APIs from Forge UI, Forge Functions and Forge Remote. Apps which opt in to the preview of minor updates may avoid manual update approval when their Forge apps satisfies the prerequisite criteria when compared to the customer's currently installed Connect app.

    Currently any changes to the set of scopes declared by an app in their Forge Manifest will trigger an admin-approved update.

    A small subset of Forge OAuth2 scopes are marked UNMAPPED below, indicating that their adoption will always require admin-approval. These OAuth2 scopes are associated with APIs that are not accessible using Connect scopes.

    The tables below list Forge OAuth2 scopes for both Jira and Confluence, the scope description and the proposed mapped Connect Scope. The Connect Scope inheritance rules also apply.

    Jira

    Classic Scopes

    OAuth2 ScopeDescriptionProposed Connect Equivalent
    manage:jira-configurationTake Jira administration actions (e.g. create projects and custom fields, view workflows, manage issue link types).ADMIN
    manage:jira-projectCreate and edit project settings and create new project-level objects (e.g. versions and components).PROJECT_ADMIN
    manage:jira-webhookRegister and manage Jira webhooks.WRITE
    read:jira-userView user information in Jira that the user has access to, including usernames, email addresses, and avatars.READ
    read:jira-workRead Jira project and issue data, search for issues, and objects associated with issues like attachments and worklogs.READ
    write:jira-workCreate and edit issues in Jira, post comments as the user, create worklogs, and delete issues.DELETE

    Granular Scopes

    OAuth2 ScopeDescriptionConnect Equivalent
    delete:async-task:jiraDelete asynchronous task.READ
    delete:attachment:jiraDelete issue attachments.DELETE
    delete:avatar:jiraDelete system and custom avatars.ADMIN
    delete:board-scope.admin:jira-softwareRemove board configuration, features, and properties.DELETE
    delete:comment.property:jiraDelete issue comment properties.DELETE
    delete:comment:jiraDelete issue comments.DELETE
    delete:dashboard.property:jiraDelete dashboard properties.DELETE
    delete:dashboard:jiraDelete dashboards.DELETE
    delete:field-configuration-scheme:jiraDelete field configuration schemes.ADMIN
    delete:field-configuration:jiraDelete field configurations.ADMIN
    delete:field.option:jiraDelete field options.ADMIN
    delete:field:jiraDelete fields.ADMIN
    delete:filter.column:jiraDelete filter columns.DELETE
    delete:filter:jiraDelete filters.DELETE
    delete:group:jiraDelete user groups.ADMIN
    delete:issue-link-type:jiraDelete issue link types.ADMIN
    delete:issue-link:jiraDelete issue links.DELETE
    delete:issue-type-scheme:jiraDelete issue type schemes.ADMIN
    delete:issue-type-screen-scheme:jiraDelete issue type screen schemes.ADMIN
    delete:issue-type.property:jiraDelete issue type properties.ADMIN
    delete:issue-type:jiraDelete issue types.ADMIN
    delete:issue-worklog.property:jiraDelete issue worklog properties.DELETE
    delete:issue-worklog:jiraDelete issue worklogs.DELETE
    delete:issue.property:jiraDelete issue properties.DELETE
    delete:issue.remote-link:jiraDelete issue remote links.DELETE
    delete:issue:jiraDelete issues.DELETE
    delete:organization.property:jira-service-managementAllows the app to delete organisation entity propertiesDELETE
    delete:organization.user:jira-service-managementAllows the app to remove members from organisationsDELETE
    delete:organization:jira-service-managementAllows the app to delete organisationsDELETE
    delete:permission-scheme:jiraDelete permission schemes.ADMIN
    delete:permission:jiraDelete permissions.ADMIN
    delete:project-category:jiraDelete project categories.ADMIN
    delete:project-role:jiraDelete project roles.ADMIN
    delete:project-version:jiraDelete project versions.PROJECT_ADMIN
    delete:project.avatar:jiraDelete project avatars.PROJECT_ADMIN
    delete:project.component:jiraDelete project components.PROJECT_ADMIN
    delete:project.property:jiraDelete project properties.DELETE
    delete:project:jiraDelete projects and their details, such as issue types, project lead, and avatars.ADMIN
    delete:request.feedback:jira-service-managementAllows the app to remove feedback data from requestsDELETE
    delete:request.notification:jira-service-managementAllows the app to remove the subscription status of the user from requestsWRITE
    delete:request.participant:jira-service-managementAllows the app to remove participants (user) data from requestsDELETE
    delete:requesttype.property:jira-service-managementAllows the app to delete request type entity propertiesDELETE
    delete:screen-scheme:jiraDelete screen schemes.ADMIN
    delete:screen-tab:jiraDelete screen tabs.ADMIN
    delete:screen:jiraDelete screens.ADMIN
    delete:screenable-field:jiraDelete screenable fields.ADMIN
    delete:servicedesk.customer:jira-service-managementAllows the app the delete customers from service desksUNMAPPED
    delete:servicedesk.organization:jira-service-managementAllows the app the delete organisations from service desksDELETE
    delete:sprint:jira-softwareDelete sprints and their properties.DELETE
    delete:user-configuration:jiraDelete user configurations.ACT_AS_USER
    delete:user.property:jiraDelete user properties.DELETE
    delete:webhook:jiraDelete webhooks.READ
    delete:workflow-scheme:jiraDelete workflow schemes.ADMIN
    delete:workflow.property:jiraDelete workflow properties.ADMIN
    delete:workflow:jiraDelete workflows.ADMIN
    manage:servicedesk-customerCreate, manage and delete customers and organizations. Add and remove customers and organizations from service desksADMIN
    read:app-data:jiraRead connect app properties dataREAD
    read:application-role:jiraView application roles.READ
    read:attachment:jiraView issue attachments.READ
    read:audit-log:jiraView audit logs.READ
    read:avatar:jiraView system and custom avatars.READ
    read:board-scope.admin:jira-softwareRead the board configuration, features, properties, related projects, filters, and quick filters.READ
    read:board-scope:jira-softwareRead boards and backlogs, and their issues. Read related reports and versions.READ
    read:comment.property:jiraView issue comment properties.READ
    read:comment:jiraView issue comments.READ
    read:custom-field-contextual-configuration:jiraRead custom field contextual configurations.READ
    read:customer:jira-service-managementAllows the app to read customer accounts informationREAD
    read:dashboard.property:jiraView dashboard properties.READ
    read:dashboard:jiraView dashboards.READ
    read:email-address:jiraView email addresses of all users regardless of user’s profile visibility settings.ACCESS_EMAIL_ADDRESSES
    read:epic:jira-softwareRead epics and their issues, and search for epics. Read issues from the Issues without epics category.READ
    read:field-configuration-scheme:jiraView field configuration schemes.ADMIN
    read:field-configuration:jiraRead field configurations.ADMIN
    read:field.default-value:jiraView field default values.READ
    read:field.option:jiraView field options.READ
    read:field:jiraView fields.READ
    read:filter.column:jiraView filter columns.READ
    read:filter.default-share-scope:jiraView filter default share scopes.READ
    read:filter:jiraView filters.READ
    read:group:jiraView user groups.READ
    read:instance-configuration:jiraView instance configurations.ADMIN
    read:issue-details:jiraView issue details.READ
    read:issue-event:jiraRead issue events.ADMIN
    read:issue-link-type:jiraView issue link types.READ
    read:issue-meta:jiraView issue meta.READ
    read:issue-security-level:jiraView issue security levels.READ
    read:issue-security-scheme:jiraView issue security schemes.ADMIN
    read:issue-status:jiraView issue statuses.READ
    read:issue-type-hierarchy:jiraRead issue type hierarchies.READ
    read:issue-type-scheme:jiraView issue type schemes.ADMIN
    read:issue-type-screen-scheme:jiraView issue type screen schemes.ADMIN
    read:issue-type.property:jiraView issue type properties.READ
    read:issue-type:jiraView issue types.READ
    read:issue-worklog.property:jiraView issue worklog properties.READ
    read:issue-worklog:jiraView issue worklogs.READ
    read:issue.changelog:jiraView issue changelogs.READ
    read:issue.property:jiraView issue properties.READ
    read:issue.remote-link:jiraView issue remote links.READ
    read:issue.time-tracking:jiraView issue time trackings.READ
    read:issue.transition:jiraView issue transitions.READ
    read:issue.vote:jiraView issue votes.READ
    read:issue.watcher:jiraView issue watchers.READ
    read:issue:jiraView issues.READ
    read:issue:jira-softwareRead the details of issues, including Agile fields, and their estimations.READ
    read:jira-expressions:jiraView jira expressions.READ
    read:jql:jiraView JQL.READ
    read:knowledgebase:jira-service-managementAllows the app to search and list KB articlesREAD
    read:label:jiraView labels.READ
    read:license:jiraView licenses.READ
    read:notification-scheme:jiraView notification schemes.ADMIN
    read:organization.property:jira-service-managementAllows the app to read organisation entity propertiesREAD
    read:organization.user:jira-service-managementAllows the app to read organisation membership informationREAD
    read:organization:jira-service-managementAllows the app to read organisation informationREAD
    read:permission-scheme:jiraView permission schemes.READ
    read:permission:jiraView permissions.READ
    read:priority:jiraView priorities.READ
    read:project-category:jiraView project categories.READ
    read:project-role:jiraView project roles.READ
    read:project-type:jiraView project types.READ
    read:project-version:jiraView project versions.READ
    read:project.avatar:jiraRead project avatars.READ
    read:project.component:jiraView project components.READ
    read:project.email:jiraView project emails.READ
    read:project.feature:jiraRead project features.READ
    read:project.property:jiraView project properties.READ
    read:project:jiraView projects.READ
    read:queue:jira-service-managementAllows the app to list queuesREAD
    read:request.approval:jira-service-managementAllows the app to read approval data from requestsREAD
    read:request.attachment:jira-service-managementAllows the app to read attachment data from requestsREAD
    read:request.comment:jira-service-managementAllows the app to read comment data from requestsREAD
    read:request.feedback:jira-service-managementAllows the app to read feedback data from requestsREAD
    read:request.notification:jira-service-managementAllows the app to read the subscription status of the user for requestsREAD
    read:request.participant:jira-service-managementAllows the app to read participant (user) data from requestsREAD
    read:request.sla:jira-service-managementAllows the app to read SLA data from requestsREAD
    read:request.status:jira-service-managementAllows the app to read status/transition data from requestsREAD
    read:request:jira-service-managementAllows the app to list & search requestsREAD
    read:requesttype.property:jira-service-managementAllows the app to read request type desk entity propertiesREAD
    read:requesttype:jira-service-managementAllows the app to list & search request typesREAD
    read:resolution:jiraView resolutions.READ
    read:screen-field:jiraView screen fields.ADMIN
    read:screen-scheme:jiraView screen schemes.ADMIN
    read:screen-tab:jiraView screen tabs.ADMIN
    read:screen:jiraView screens.READ
    read:screenable-field:jiraView screenable fields.ADMIN
    read:servicedesk-requestRead customer request data, including approvals, attachments, comments, request participants, and status/transitions. Read service desk and request types, including searching for request types and reading request type fields, properties and groups.READ
    read:servicedesk.customer:jira-service-managementAllows the app the list customers of service desksREAD
    read:servicedesk.organization:jira-service-managementAllows the app to list organisations to service desksREAD
    read:servicedesk:jira-service-managementAllows the app to list & search service desksREAD
    read:sprint:jira-softwareRead the details of sprints, their issues, and properties.READ
    read:status:jiraView statuses.READ
    read:user-configuration:jiraView user configurations.READ
    read:user.columns:jiraView user columns.READ
    read:user.property:jiraView user properties.READ
    read:user:jiraView users.READ
    read:webhook:jiraView webhooks.READ
    read:workflow-scheme:jiraView workflow schemes.ADMIN
    read:workflow.property:jiraView workflow properties.ADMIN
    read:workflow:jiraView workflows.READ
    send:notification:jiraSend notifications.WRITE
    validate:jql:jiraValidate JQL.READ
    write:app-data:jiracreate, modify and delete app properties dataREAD
    write:attachment:jiraCreate and update issue attachments.WRITE
    write:avatar:jiraCreate and update system and custom avatars.ADMIN
    write:board-scope.admin:jira-softwareCreate boards, save the board configuration, features, and properties.WRITE
    write:board-scope:jira-softwareMove issues between boards and backlogs.WRITE
    write:comment.property:jiraCreate and update issue comment properties.WRITE
    write:comment:jiraCreate and update issue comments.WRITE
    write:custom-field-contextual-configuration:jiraSave custom field contextual configurations.ADMIN
    write:customer:jira-service-managementAllows the app to create customer accounts (user)ADMIN
    write:dashboard.property:jiraCreate and update dashboard properties.WRITE
    write:dashboard:jiraCreate and update dashboards.WRITE
    write:epic:jira-softwareSave epics, add and remove issues from epics, and rank epics.WRITE
    write:field-configuration-scheme:jiraCreate and update field configuration schemes.ADMIN
    write:field-configuration:jiraSave field configurations.ADMIN
    write:field.default-value:jiraCreate and update field default values.ADMIN
    write:field.option:jiraCreate and update field options.ADMIN
    write:field:jiraCreate and update fields.ADMIN
    write:filter.column:jiraCreate and update filter columns.WRITE
    write:filter.default-share-scope:jiraCreate and update filter default share scopes.WRITE
    write:filter:jiraCreate and update filters.WRITE
    write:group:jiraCreate and update user groups.ADMIN
    write:instance-configuration:jiraCreate and update instance configurations.ADMIN
    write:issue-link-type:jiraCreate and update issue link types.ADMIN
    write:issue-link:jiraCreate and update issue links.WRITE
    write:issue-type-scheme:jiraCreate and update issue type schemes.ADMIN
    write:issue-type-screen-scheme:jiraCreate and update issue type screen schemes.ADMIN
    write:issue-type.property:jiraCreate and update issue type properties.ADMIN
    write:issue-type:jiraCreate and update issue types.ADMIN
    write:issue-worklog.property:jiraCreate and update issue worklog properties.WRITE
    write:issue-worklog:jiraCreate and update issue worklogs.WRITE
    write:issue.property:jiraCreate and update issue properties.WRITE
    write:issue.remote-link:jiraCreate and update issue remote links.WRITE
    write:issue.time-tracking:jiraCreate and update issue time trackings.ADMIN
    write:issue.vote:jiraCreate and update issue votes.WRITE
    write:issue.watcher:jiraCreate and update issue watchers.WRITE
    write:issue:jiraCreate and update issues.WRITE
    write:issue:jira-softwareRank issues and save their estimations.WRITE
    write:organization.property:jira-service-managementAllows the app to write organisation entity propertiesWRITE
    write:organization.user:jira-service-managementAllows the app to add members to organisationsADMIN
    write:organization:jira-service-managementAllows the app to create organisationsADMIN
    write:permission-scheme:jiraCreate and update permission schemes.ADMIN
    write:permission:jiraCreate and update permissions.ADMIN
    write:project-category:jiraCreate and update project categories.ADMIN
    write:project-role:jiraCreate and update project roles.ADMIN
    write:project-version:jiraCreate and update project versions.PROJECT_ADMIN
    write:project.avatar:jiraCreate and update project avatars.PROJECT_ADMIN
    write:project.component:jiraCreate and update project components.PROJECT_ADMIN
    write:project.email:jiraCreate and update project emails.PROJECT_ADMIN
    write:project.feature:jiraSave project features.PROJECT_ADMIN
    write:project.property:jiraCreate and update project properties.WRITE
    write:project:jiraCreate and update projects.ADMIN
    write:request.approval:jira-service-managementAllows the app to act on approvals of requests (e.g approve, deny, …)WRITE
    write:request.attachment:jira-service-managementAllows the app to add attachments to requestsWRITE
    write:request.comment:jira-service-managementAllows the app to add comments to requestsWRITE
    write:request.feedback:jira-service-managementAllows the app to write feedback data on requestsWRITE
    write:request.notification:jira-service-managementAllows the app to change the subscription status of the user for requestsWRITE
    write:request.participant:jira-service-managementAllows the app to add participants (user) data from requestsWRITE
    write:request.status:jira-service-managementAllows the app to execute transitions on requestsWRITE
    write:request:jira-service-managementAllows the app to create requestsWRITE
    write:requesttype.property:jira-service-managementAllows the app to write request type entity propertiesWRITE
    write:requesttype:jira-service-managementAllows the app to create or modify request typesPROJECT_ADMIN
    write:screen-scheme:jiraCreate and update screen schemes.ADMIN
    write:screen-tab:jiraCreate and update screen tabs.ADMIN
    write:screen:jiraCreate and update screens.ADMIN
    write:screenable-field:jiraCreate and update screenable fields.ADMIN
    write:servicedesk-requestCreate and edit customer requests, including add comments and attachments, approve, share (add request participants), subscribe, and transition.WRITE
    write:servicedesk.customer:jira-service-managementAllows the app the add customers to service desksWRITE
    write:servicedesk.organization:jira-service-managementAllows the app the add organisations to service desksWRITE
    write:sprint:jira-softwareSave, move issues to sprints, and change the order of sprints.WRITE
    write:user-configuration:jiraCreate and update user configurations.ACT_AS_USER
    write:user.property:jiraCreate and update user properties.WRITE
    write:webhook:jiraCreate and update webhooks.READ
    write:workflow-scheme:jiraCreate and update workflow schemes.ADMIN
    write:workflow.property:jiraCreate and update workflow properties.ADMIN
    write:workflow:jiraCreate and update workflows.ADMIN

    Confluence

    Classic Scopes

    OAuth2 ScopeDescriptionProposed Connect Equivalent
    manage:confluence-configurationManage global settings.WRITE
    read:confluence-content.allRead all content, including content body (expansions permitted). Note, APIs using this scope may also return data allowed by read:confluence-space.summary. However, this scope is not a substitute for read:confluence-space.summary.READ
    read:confluence-content.permissionView content permission in Confluence.READ
    read:confluence-content.summaryRead a summary of the content, which is the content without expansions. Note, APIs using this scope may also return data allowed by read:confluence-space.summary. However, this scope is not a substitute for read:confluence-space.summary.READ
    read:confluence-groupsPermits retrieval of user groups.READ
    read:confluence-propsRead content properties.READ
    read:confluence-space.summaryRead a summary of space information without expansions.READ
    read:confluence-userView user information in Confluence that you have access to, including usernames, email adresses and profile pictures.READ
    readonly:content.attachment:confluenceDownload attachments of a Confluence page or blogpost that you have access to.READ
    search:confluenceSearch Confluence. Note, APIs using this scope may also return data allowed by read:confluence-space.summary and read:confluence-content.summary. However, this scope is not a substitute for read:confluence-space.summary or read:confluence-content.summary.READ
    write:confluence-contentPermits the creation of pages, blogs, comments and questions.WRITE
    write:confluence-fileUpload attachments.WRITE
    write:confluence-groupsPermits creation, removal and update of user groups.ADMIN
    write:confluence-propsWrite content properties.WRITE
    write:confluence-spaceCreate, update and delete space information.DELETE

    Granular Scopes

    OAuth2 ScopeDescriptionProposed Connect Equivalent
    delete:attachment:confluenceDelete attachments.DELETE
    delete:comment:confluenceCreate and update comments.DELETE
    delete:content:confluenceDelete content such as pages, blogposts, whiteboards, databases, Smart Links, folders, comments, or attachments.DELETE
    delete:custom-content:confluenceDelete custom content.DELETE
    delete:database:confluenceDelete databases.DELETE
    delete:embed:confluenceDelete Smart Links.DELETE
    delete:folder:confluenceDelete folders.DELETE
    delete:page:confluenceDelete pages.DELETE
    delete:space:confluenceDelete spaces.DELETE
    delete:whiteboard:confluenceDelete whiteboards.DELETE
    read:analytics.content:confluenceView analytics for content. Note that this does not provide access to the content itself.READ
    read:attachment:confluenceView and download attachments of a page or blogpost that you have access to.READ
    read:audit-log:confluenceView and export audit records for Confluence events.ADMIN
    read:comment:confluenceView comments on pages or blogposts.READ
    read:configuration:confluenceView Confluence settings, themes and system information.READ
    read:content-details:confluenceView details regarding content and its associated properties.READ
    read:content.metadata:confluenceView information about the content. Note that this does not provide access to the content itself.READ
    read:content.permission:confluenceCheck if a user or a group can perform an operation to the specified content.READ
    read:content.property:confluenceView properties associated with a content.READ
    read:content.restriction:confluenceView the restrictions on the content.READ
    read:content:confluenceView all contents, such as pages, blogposts, whiteboards, databases, Smart Links, folders, comments, and attachments.READ
    read:custom-content:confluenceView custom content.READ
    read:database:confluenceView database data, such as its content id and titleREAD
    read:email-address:confluenceView email addresses of all users regardless of the user’s profile visibility settings.ACCESS_EMAIL_ADDRESSES
    read:embed:confluenceView Smart Link data, such as its content id and titleREAD
    read:folder:confluenceView folder data, such as its content id and titleREAD
    read:group:confluenceView details about groups including its members.READ
    read:inlinetask:confluenceSearch and view inline tasks.READ
    read:label:confluenceView labels associated with the content or space.READ
    read:page:confluenceView page content.READ
    read:relation:confluenceView relationships between two entities.READ
    read:space-details:confluenceView details regarding spaces and their associated properties.READ
    read:space.permission:confluenceView space permissions.READ
    read:space.property:confluenceView properties associated with the space.READ
    read:space.setting:confluenceView space settings and themes.READ
    read:space:confluenceView space detailsREAD
    read:task:confluenceView Confluence tasks. Note that is only used for V2 APIsREAD
    read:template:confluenceView content templates.READ
    read:user.property:confluenceView properties associated with the user.READ
    read:user:confluenceView user details.READ
    read:watcher:confluenceView the watchers associated with the contents, spaces or labels.READ
    read:whiteboard:confluenceView whiteboard data, such as its content id and titleREAD
    write:attachment:confluenceCreate and update attachments.WRITE
    write:audit-log:confluenceCreate records in the audit log.ADMIN
    write:comment:confluenceCreate and update comments.WRITE
    write:configuration:confluenceUpdate Confluence settings, including global look and feel.WRITE
    write:content.property:confluenceCreate, update and delete properties associated with a content.WRITE
    write:content.restriction:confluenceUpdate the restrictions on the content.WRITE
    write:content:confluenceCreate and update content, such as pages, blogposts, whiteboards, databases, folders, and Smart Links.WRITE
    write:custom-content:confluenceCreate and update custom content.WRITE
    write:database:confluenceCreate and update databases.WRITE
    write:embed:confluenceCreate and update Smart Links.WRITE
    write:folder:confluenceCreate and update folders.WRITE
    write:group:confluenceCreate and delete groups.ADMIN
    write:inlinetask:confluenceUpdate inline tasks and mark as either completed or not.WRITE
    write:label:confluenceAdd and remove labels associated with the content or space.WRITE
    write:page:confluenceCreate and update pages.WRITE
    write:relation:confluenceCreate and update relationships between two entities.WRITE
    write:space.permission:confluenceUpdate space permissions.WRITE
    write:space.property:confluenceCreate, update and delete properties associated with the space.WRITE
    write:space.setting:confluenceUpdate space settings and themes.WRITE
    write:space:confluenceCreate and update spaces.WRITE
    write:task:confluenceUpdate Confluence tasks. Note that is only used for V2 APIsWRITE
    write:template:confluenceCreate, update and delete content templates.DELETE
    write:user.property:confluenceCreate, update and delete properties associated with the user.WRITE
    write:watcher:confluenceAdd and remove content watchers.WRITE
    write:whiteboard:confluenceCreate and update whiteboards.WRITE

    Rate this page: