APIs for managing privacy and security information for Marketplace applications. These endpoints allow developers to create, update, and publish detailed privacy and security policies for their apps, including data handling practices, security measures, third-party integrations, and compliance information. The APIs support both draft and live versions, enabling careful review and staged deployment of policy updates.
Get the privacy and security info for the specified app. This resource requires authentication for fetching "draft" version of privacy and security information.
Usage Examples:
1GET /rest/3/privacy-and-security/products/12345678-1234-1234-1234-123456789abc
1GET /rest/3/privacy-and-security/products/12345678-1234-1234-1234-123456789abc?state=draft
Forge and OAuth2 apps cannot access this REST resource.
string
Requiredstring
Successfully retrieved privacy and security information
1
2
3
4
curl --request GET \
--url 'https://api.atlassian.com/marketplace/rest/3/privacy-and-security/products/{productId}' \
--user 'email@example.com:<api_token>' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
{
"commonCloud": {
"dataAccessAndStorage": {
"dataAccess": {
"dataAccessDescription": "This app accesses user data to provide core functionality",
"dataAccessTypes": [
"USER_PROFILE",
"CONTENT"
],
"dataAccessScope": "USER_LEVEL"
},
"dataStorage": {
"dataStorageDescription": "User data is stored securely in our cloud infrastructure",
"dataRetentionPeriod": "90_DAYS",
"dataDeletionPolicy": "AUTOMATIC"
}
},
"thirdPartyInformation": {
"thirdPartyServices": [
"AWS",
"Google Analytics"
],
"dataSharing": false,
"dataSharingDescription": "No user data is shared with third parties"
},
"logDetails": {
"loggingEnabled": true,
"logRetention": "30_DAYS",
"sensitiveDataLogging": false
},
"dataResidency": {
"dataResidencyRegions": [
"US",
"EU"
],
"dataResidencyCompliance": true
},
"dataRetention": {
"retentionPeriod": "90_DAYS",
"deletionProcess": "AUTOMATIC",
"backupRetention": "30_DAYS"
},
"privacy": {
"privacyEnhancingTechniques": {
"dataMinimization": true,
"anonymization": false,
"pseudonymization": true
},
"gdpr": {
"gdprCompliant": true,
"dataProcessingBasis": "CONSENT",
"userRights": [
"ACCESS",
"RECTIFICATION",
"ERASURE"
]
},
"ccpa": {
"ccpaCompliant": true,
"dataCategories": [
"PERSONAL",
"IDENTIFIERS"
]
},
"dataProcessingAgreement": {
"dpaAvailable": true,
"dpaUrl": "https://example.com/dpa"
}
},
"security": {
"securityContact": "security@example.com",
"publicSecurityPoliciesLink": "https://example.com/security",
"caiq": {
"isCAIQCompleted": true,
"CAIQLiteLink": "https://example.com/caiq"
},
"isDiskEncryptionSupported": true,
"hasCompliantCertifications": true,
"compliantCertifications": [
"SOC2",
"ISO27001"
]
},
"properties": {
"updatedBy": "developer@example.com",
"updatedAt": 1642233600000,
"formStatus": "APPROVED",
"jiraLinks": [
"https://jira.atlassian.com/browse/MKPLHELP-12345"
]
}
}
}Create/Update draft version of privacy and security info for the specified app. Any update will create a new draft version. This resource requires authentication.
Usage Examples:
1PUT /rest/3/privacy-and-security/products/12345678-1234-1234-1234-123456789abc
Forge and OAuth2 apps cannot access this REST resource.
string
RequiredAppTrustInformation
RequiredPrivacy & security information saved successfully
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
curl --request PUT \
--url 'https://api.atlassian.com/marketplace/rest/3/privacy-and-security/products/{productId}' \
--user 'email@example.com:<api_token>' \
--header 'Content-Type: application/json' \
--data '{
"commonCloud": {
"dataAccessAndStorage": {
"dataAccess": {
"dataAccessDescription": "This app accesses user data to provide core functionality",
"dataAccessTypes": [
"USER_PROFILE",
"CONTENT"
],
"dataAccessScope": "USER_LEVEL"
},
"dataStorage": {
"dataStorageDescription": "User data is stored securely in our cloud infrastructure",
"dataRetentionPeriod": "90_DAYS",
"dataDeletionPolicy": "AUTOMATIC"
}
},
"thirdPartyInformation": {
"thirdPartyServices": [
"AWS",
"Google Analytics"
],
"dataSharing": false,
"dataSharingDescription": "No user data is shared with third parties"
},
"logDetails": {
"loggingEnabled": true,
"logRetention": "30_DAYS",
"sensitiveDataLogging": false
},
"dataResidency": {
"dataResidencyRegions": [
"US",
"EU"
],
"dataResidencyCompliance": true
},
"dataRetention": {
"retentionPeriod": "90_DAYS",
"deletionProcess": "AUTOMATIC",
"backupRetention": "30_DAYS"
},
"privacy": {
"privacyEnhancingTechniques": {
"dataMinimization": true,
"anonymization": false,
"pseudonymization": true
},
"gdpr": {
"gdprCompliant": true,
"dataProcessingBasis": "CONSENT",
"userRights": [
"ACCESS",
"RECTIFICATION",
"ERASURE"
]
},
"ccpa": {
"ccpaCompliant": true,
"dataCategories": [
"PERSONAL",
"IDENTIFIERS"
]
},
"dataProcessingAgreement": {
"dpaAvailable": true,
"dpaUrl": "https://example.com/dpa"
}
},
"security": {
"securityContact": "security@example.com",
"publicSecurityPoliciesLink": "https://example.com/security",
"caiq": {
"isCAIQCompleted": true,
"CAIQLiteLink": "https://example.com/caiq"
},
"isDiskEncryptionSupported": true,
"hasCompliantCertifications": true,
"compliantCertifications": [
"SOC2",
"ISO27001"
]
}
}
}'Discards the draft version of privacy and security information for the specified app. This resource requires authentication.
Usage Examples:
1DELETE /rest/3/privacy-and-security/products/12345678-1234-1234-1234-123456789abc
Forge and OAuth2 apps cannot access this REST resource.
string
RequiredDraft version of privacy and security information deleted successfully
1
2
3
curl --request DELETE \
--url 'https://api.atlassian.com/marketplace/rest/3/privacy-and-security/products/{productId}' \
--user 'email@example.com:<api_token>'Publishes the draft version of privacy and security information for the specified app. This will make the draft version live and replace the current live version. This resource requires authentication.
Usage Examples:
1POST /rest/3/privacy-and-security/products/12345678-1234-1234-1234-123456789abc/publish
Forge and OAuth2 apps cannot access this REST resource.
string
RequiredPrivacy & security information published successfully
1
2
3
curl --request POST \
--url 'https://api.atlassian.com/marketplace/rest/3/privacy-and-security/products/{productId}/publish' \
--user 'email@example.com:<api_token>'Rate this page: