App Data Migration Developer

App Data Migration Developer

Last updatedSep 14, 2020

Rate this page:

Access scopes

The App migration platform allows server apps to export data to cloud, and access Jira and Confluence mappings. Server apps need to declare access scopes so that admin users can consent to it in the user interface of the Jira or Cloud migration assistants.

Depending on the access scopes that your server app declares, the App migration platform will restrict access to the following capabilities:

  • Server app data export to the Atlassian secure cloud storage
  • Cloud app access to the data in the Atlassian secure cloud storage
  • Server and cloud app access to user mappings
  • Server and cloud app access to product mappings (Jira and Confluence mappings)

Available access scopes

Migration tracing

Migration tracing scopes allow your server app to declare the types of mappings that your server and/or cloud app will access. Depending on the access scopes your server app declares, the App migration platform grants access to the corresponding mapping namespaces as follows:

ScopeMappings access
MIGRATION_TRACING_IDENTITYAccess to the identity:user mapping namespace.
MIGRATION_TRACING_PRODUCTAccess to jira and confluence mapping namespaces.

Product data and app data

Product data and app data scopes allow your server app to declare the type of data that the App migration platform exports from the server instance to the Atlassian secure cloud storage. It also determines whether your cloud app will have access to the exported data.

Declare these scopes thoroughly to inform admin users of what data will be exported by your server app from their server instance.

ScopeData exported
PRODUCT_DATA_UGCUser generated content stored by the Atlassian product.
PRODUCT_DATA_PIIPersonally identifiable information (e.g. user names, emails, address, etc.) stored by the Atlassian product.
PRODUCT_DATA_SECURITYPasswords, tokens, secrets etc. Both open or hashed. Stored by the Atlassian product.
PRODUCT_DATA_OTHERAtlassian product data that doesn’t fall under any of the above classifications.
APP_DATA_UGCUser generated content stored by the app.
APP_DATA_PIIPersonally identifiable information (e.g. user names, emails, address, etc.) stored by the app.
APP_DATA_SECURITYPasswords, tokens, secrets etc. Both open or hashed. Stored by the app.
APP_DATA_OTHERApp data that doesn’t fall under any of the above classifications.

Declare your access scopes

When implementing the listener, you must also implement the getDataAccessScopes method to declare the scopes that your app requires.

See an example

The example that follows uses the getDataAccessScopes method to declare the scopes that the server and cloud app needs to access.

1
2
3
4
5
    @Override
    public Set<AccessScope> getDataAccessScopes() {
        return Stream.of(AccessScope.APP_DATA_OTHER, AccessScope.PRODUCT_DATA_OTHER)
            .collect(Collectors.toCollection(HashSet::new));
    }

Rate this page: