Display conditions
Permissions

Forge scopes

Certain platform features, such as the App storage API, are authenticated using OAuth 2.0.

ScopeDescription
read:app-system-token

(Preview: Forge remote) Enables Forge to pass a token to a remote back end, that can be used to invoke Atlassian product REST APIs with the permissions of the app "bot" user.

For more information on Forge remote capabilities, see Forge remote overview.

read:app-user-token

(Preview: Forge remote) Enables Forge to pass a token to a remote back end, that can be used to invoke Atlassian product REST APIs with the permissions of the logged-in user.

Only product modules can have this scope, because they are associated with a logged-in user session. Product event and lifecycle event modules are not associated with a logged-in user session, therefore they cannot have this scope.

For more information on Forge remote capabilities, see Forge remote overview.

storage:appEnables the App storage API.
report:personal-dataEnables the User privacy API.

Product scopes

Product scopes enable a Forge app to request a level of access to an Atlassian product. You can find details about each product operation's required scopes through that product's REST API documentation (specifically, in the operation's Oauth scopes required field). For information about each product event's required scopes, see our events documentation.

For more details about each product's OAuth 2.0 (3LO) and Forge scopes, refer to the pages below:

Rate this page: