Last updated Aug 25, 2025

Analytics tool policy for Forge apps

This policy only applies to egress permissions configured under the analytics category in your Forge app manifest.

The policy is not limited to apps that meet the Runs on Atlassian criteria. Partners can still continue using tools of choice, but these tools should be declared as general egress and not under the analytics category.

To protect user privacy and data security, Atlassian enforces strict criteria for analytics tools used by apps when configuring egress permissions under the analytics category.

This policy ensures the following:

Only approved and privacy-respecting analytics tools are permitted.
Tools with features that may compromise user privacy, such as session recording or a heavy dependency on PII (personal identifiable information) tracking, are excluded.

This page outlines the enforced allowlist, as well as the process for requesting approval of analytics tools.

Analytics criteria

These analytics criteria apply to all tools capturing data through analytics egress permissions in your Forge app manifest, regardless of whether your app is eligible for the Runs on Atlassian program.

Analytics tools must adhere to the following criteria:

Be used for product analytics, and not developer observability or bug tracking.
Not provide user session recording features.
Not be a script aggregation tool, for example, Google Tag Manager and Segment.
Not support self-hosted deployment (cloud-only).
Have a public website, comprehensive documentation, and an accessible privacy policy.
Have a recognized fixed domain name that is easily associated with the company or provider, for example, subdomain.acme.com.

Atlassian reserves the right to update these criteria as business needs arise.

Policy rationale

Analytics tools are essential for understanding product usage and improving user experience. Some customers acknowledge this and are comfortable with apps sharing data with remote tools for analytics purposes, especially in the case of Runs on Atlassian apps.

However, apps that use the analytics category to share data with tools designed for other purposes, or that capture excessive information about customers, may erode user trust. This policy ensures that developers use the analytics category solely with privacy focused analytics tools, ensuring transparency for customers regarding their apps' purposes for data egress.

The policy will be enforced in two phases, which gives partners time to migrate to approved tools.

Phase 1 (19 August 2025)

Apps declaring domains not matching the criteria for analytics tools will be blocked from deployment.

However, before Phase 2, we provide temporary exemption for analytics tools that match the following ineligible categories: developer observability, session recording, and script aggregation.

Phase 2 (16 September 2025)

We're removing the temporary exemption, which means that any app declaring domains that are not part of the list of pre-approved domains will be automatically blocked from deployment.

Ineligible categories

Category	Reasoning	Example	Recommended alternative
`Developer observability`	The Forge platform offers developer observability.	Sentry, PostHog, LaunchDarkly, Statsig	Utilize the Atlassian developer console
`Session recording`	These tools pose a potential risk of sharing PII/UGC with the app developer.	Hotjar, PostHog	No alternative is recommended. Session recording is strictly prohibited.
`Script aggregation tools`	These obscure analytics domain names, leading to a lack of transparency in the installation consent for customers. These tools can also be utilized to load any script onto the page, including session recorders, not just product analytics tools.	Segment, Google Tag Manager	Declare each analytics tool separately in the Forge manifest so that analytics egress is transparent to the customer on app installation.
`Self-hosted tools`	Atlassian cannot guarantee that a self-hosted analytics URL is not being utilized for functional app egress.	Umani, Plausible	Use a cloud analytics vendor that meets Runs on Atlassian analytics criteria.

List of pre-approved domains

The analytics egress category is only allowed for the following pre-approved domains:

Domain	Description
`*.google-analytics.com`	Google Analytics
`cdn.mxpnl.com`, `*.mixpanel.com`	Mixpanel
`*.journy.io`	Journy
`static.cloudflareinsights.com`	Cloudflare Web Analytics
`*.cdn.usefathom.com`	Fathom Analytics
`.events.usermaven.com`, `.um.contentstudio.io`	Usermaven
`*.beamanalytics.b-cdn.net`	Beam Analytics
`*.microanalytics.io`	Microanalytics
`*.scripts.withcabin.com`	WithCabin
`*.scripts.simpleanalyticscdn.com`	Simple Analytics
`*.userpilot.io`	UserPilot
`in.accoil.com`	Accoil

Using the analytics category on a domain that isn't on this list will prevent your app from deploying. This policy ensures that the analytics egress category is used transparently and only for legitimate analytics purposes, maintaining user trust regardless of your app's participation in trust programs like Runs on Atlassian.

Requesting approval for additional domains

If you need to use an analytics tool that’s not on the pre-approved list, raise a support request here.

Atlassian will review your request and the information provided at its sole discretion. If Atlassian approves your request, the tool will be added to the allowlist and published on the developer documentation. If not, you will be advised to select an approved alternative.