Last updated May 26, 2022

Logging guidelines for app developers

As a Forge developer, you have access to logs for your apps installed on your users' sites, and users will also be able to download their own logs, to see what data they are sharing with you.

Logging data may include customer and/or user data, including personal data, that is sensitive to certain use or exposure and, in many cases, regulated by applicable laws. While the definition of personal data differs according to applicable laws, under the General Data Protection Regulation (“GDPR”), personal data is any data relating to any identified or identifiable natural person.

These guidelines are designed to provide an overview of best practices for logging. They are not intended to be a substitute for legal advice. Always consult legal counsel before acting on anything discussed on this page.

Please note that these guidelines are in addition to, and in no way limit, the Atlassian Developer Terms or the Marketplace Partner Agreement.

To find out more about user privacy requirements, see the General Data Protection Regulation, or other laws that may apply to you.

General recommendations

  • Make sure your privacy policy provides clear and complete information about how you collect and process logging data.

  • Minimize the logging data you collect. Collect data only where you need it to troubleshoot issues with your app.

  • If you need data, only collect the minimum amount needed to troubleshoot. Don't collect data because you think it may be useful for another purpose.

  • Avoid logging personal data when possible. If you need to collect personal data to troubleshoot, consider de-identifying it, e.g. hashing, masking.

  • If you collect personal data, respect the Atlassian Developer Terms and any instructions to delete personal data upon request and/or uninstall. In addition, get rid of data when it is no longer needed for the original purpose by developing and enforcing reasonable data retention schedules.

  • Avoid logging any authorization data (e.g. secrets, keys).

Should I log this?

Below are some examples of data that you may consider logging, along with our recommendation on whether that data should be logged, in accordance with best practices.

Any data that should not be logged should also not be visible in the URL of your app's page.

| Should I log... | Best practice | More details |
|---|---|---|
| Name | No | This is a direct identifier. |
| User ID - Email Address | No | This is a direct identifier. |
| User ID - Username | No | This is a direct identifier. |
| Session ID | No | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| User Generated Content | No | This is content that could include personal data or confidential customer data. |
| Source IP Address / Dest IP | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| X-Forwarded-For | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| URL path and query string | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. Avoid passing usernames or other non-arbitrary identifiers in URL paths or query strings. |
| User Agents | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| AaID (Atlassian Account ID) | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| Nickname | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| User ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| Member ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| Site ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| Cloud ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| Tenant ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
| Tenant Name | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |

Where can I find more information?

See User privacy guide for app developers and Data privacy guidelines for developers.
