In-scope End-User Data (EUD) refers to data that must comply with data residency requirements. As a Forge developer, you are responsible for defining, documenting, and communicating with your customers what data is in-scope and out-of-scope for data residency for your app.
The inScopeEUD property in your app's manifest.yml file declares whether your app egresses
in-scope End-User Data through its external permissions. This property affects your app's:
PINNED statusinScopeEUD can trigger major version
upgradesinScopeEUD propertyThe inScopeEUD property is a boolean that you can set on
egress permissions and
remotes in your app's manifest file.
inScopeEUD: true — The app egresses in-scope End-User Data to the specified address.inScopeEUD: false — The app does not egress in-scope End-User Data to the specified address.If inScopeEUD is not specified, it defaults to true.
1 2permissions: external: fetch: backend: - address: '*.example-analytics.com' category: analytics inScopeEUD: false
Setting inScopeEUD determines whether your app can achieve PINNED status for
data residency:
inScopeEUD is set to true on any egress permission, your app must use
Forge Remote data residency with
region-specific URLs to maintain eligibility for PINNED status.inScopeEUD is set to false on all egress permissions, your app can be eligible for
PINNED status without additional remote configuration.For more information, see Data residency eligibility.
If inScopeEUD is set to true on any egress permission, the app is ineligible for the
Runs on Atlassian badge. To be eligible, your app must not
egress in-scope End-User Data. For more information, see
Runs on Atlassian eligibility requirements.
Changes to the inScopeEUD property can trigger either a major or minor
version upgrade for your app:
inScopeEUD from false to true for the first time
(that is, when no existing egress permission already has inScopeEUD set to true).inScopeEUD from false to true when another egress
permission already has inScopeEUD set to true.The following examples illustrate these scenarios.
This example shows a change to the inScopeEUD value from false to true.
This change leads to a major version upgrade.
1 2permissions: external: fetch: backend: - address: '*.example-dev.com' category: analytics inScopeEUD: true # inScopeEUD value was previously false
This example shows a change to one of the inScopeEUD values, from false to true, where in the
previous version of the app, all inScopeEUD values were false. This change leads to a
major version upgrade.
1 2permissions: external: fetch: backend: - address: '*.example-dev.com' category: analytics inScopeEUD: true # inScopeEUD value was previously false, with all values previously false - address: '*.example-prod.com' category: analytics inScopeEUD: false # no change in value
This example shows a change to one of the inScopeEUD values, from false to true, where in the
previous version of the app, there is already an existing inScopeEUD value that's set to true.
Because the previous version is already egressing in-scope End-User Data, this change only leads
to a minor version upgrade.
1 2permissions: external: fetch: backend: - address: '*.example-dev.com' category: analytics inScopeEUD: true # no change in value - address: '*.example-prod.com' category: analytics inScopeEUD: true # inScopeEUD value was previously false
You are responsible for defining what data your app considers in-scope and out-of-scope for data residency. You must publish this information in your own documentation so that admins can understand your app's suitability and compliance with relevant data residency regulations.
You can also leverage the Atlassian Marketplace to advertise your app's support for data residency. For more information, see Marketplace listing.
inScopeEUD property in your manifest fileinScopeEUDRate this page: