Display conditions
Permissions
Translations

Forge scopes

Certain platform features, such as the App storage API, are authenticated using OAuth 2.0.

ScopeDescription
read:app-system-token

Enables Forge to pass a token to a remote backend, that can be used to invoke Atlassian product REST APIs with the permissions of the app "bot" user.

For more information see Forge remote.

read:app-user-token

Enables Forge to pass a token to a remote backend, that can be used to invoke Atlassian product REST APIs with the permissions of the logged-in user.

Only product modules can have this scope, because they are associated with a logged-in user session. Product event and lifecycle event modules are not associated with a logged-in user session, therefore they cannot have this scope.

For more information Forge remote.

storage:appEnables the App storage API.
report:personal-dataEnables the User privacy API.

Product scopes

Product scopes enable a Forge app to request a level of access to an Atlassian product. You can find details about each product operation's required scopes through that product's REST API documentation (specifically, in the operation's Oauth scopes required field). For information about each product event's required scopes, see our events documentation.

For more details about each product's OAuth 2.0 (3LO) and Forge scopes, refer to the pages below:

Rate this page: