Forge remote data residency - Realm pinning is now available as part of our Early Access Program (EAP). To start testing this feature, sign up using this form.
Forge remote date residency is an experimental feature offered for testing and feedback purposes. This feature is unsupported and subject to change without notice. Do not use Forge remote date residency in apps that handle sensitive information, including personal data and customer data.
For more details, see Forge EAP, Preview, and GA.
Forge remote data residency provides you with the flexibility to help meet data residency requirements by pinning remote endpoints to specific regions. This capability, combined with the automatic data residency support of Forge hosted storage, can help you provide a more comprehensive data compliance solution.
With region-based URLs, you can help ensure in-scope End-User Data is stored and processed in the right locations, building customer trust.
This feature takes an important step toward enabling app migration from Connect to Forge by addressing some data residency requirements. By using realm pinning for remote endpoints, developers can begin aligning their apps with compliance needs and support the transition to Forge. For more details about adopting Forge from Connect, see How to adopt Forge from Connect.
This guide walks you through setting up realm pinning for remotes in your Forge apps. Note that during the EAP, all changes related to setting up data residency are confined to your non-production environment for testing.
Some actions required to set up data residency for remote storage will trigger a major version change. These include:
Ensure you review and plan for these changes, as they can significantly impact app behavior and compatibility.
Realm pinning determines the selected geographic location of URLs defined as baseUrl during the initial installation of an app. If a customer pins their product to a specific region, the app selects the corresponding location from the manifest upon installation. Even if the product has not been pinned, the baseUrl defined for the region is still used during installation if the app supports the region where the product is provisioned.
Supporting data residency is optional, meaning you can continue with your app's current configuration. However, if you decide not to implement support for realm pinning, customers with strict data residency requirements may choose not to install your app.
A PINNED status means that an app's data is hosted in the same location as the product data. For the current requirements to achieve PINNED status, refer to Forge Data Residency.
The following new options are part of the EAP:
inScopeEUD: true: Apps that use remotes to store in-scope End-User Data (inScopeEUD: true) must configure these remotes with region-based URLs.remote 1 uses us, eu, and au regions, all other remotes must include the same regions.In Atlassian Administration, you may see additional statuses beyond PINNED for you app. For more information on these statuses, visit Moving your Marketplace apps' data to another location.
You can now manage data residency for remotes in Forge. Here’s how to set it up:
baseUrl with region-specific URLs (us, eu, au, etc.) and include a storage attribute with inScopeEUD: true for data storage compliance.1 2remotes: - key: forge-remote baseUrl: default: "https://api.example.com" us: "https://us-api.example.com" eu: "https://eu-api.example.com" operations: - storage - fetch - compute - other storage: inScopeEUD: true
If operations are not defined, storage and inScopeEUD will be treated as true. This means the remote will be considered to store in-scope End-User Data for data residency compliance purposes.
compute or fetch operations. For more information on operation, see Remotes properties.Defining which data falls under data residency rules is crucial for compliance. To do this:
Identify in-scope data: Determining which data your app collects or processes is subject to data residency rules. This typically includes personal data, identifiable information, and other sensitive data. See Atlassian’s in-scope data as an example.
Document and share: Prepare to document this information in your app’s privacy and compliance documentation. Be transparent with customers about which data is in scope and how you manage it.
This transparency builds trust with your customers. For more information, refer to Atlassian cloud: How trust works for customers and partners.
Forge currently supports several regions for realm pinning to meet data residency requirements.
For more details about the Forge remote data residency EAP, see our roadmap.
The following items are not part of the scope for data residency support in Forge:
Apps using direct URLs: If your app uses direct URLs through external fetch, it cannot achieve PINNED status. This is due to the use of wildcard URLs, which do not meet the strict requirements for data residency.
Realm Persistence: Realm persistence is not part of Forge's data residency solution at this time.
Rate this page: