The Runs on Atlassian program helps customers identify Forge apps that can benefit enterprise customers with strict data privacy requirements. The Runs on Atlassian badge is automatically applied to eligible apps on the Atlassian Marketplace.
Runs on Atlassian addresses the following requirements from customers:
The Forge CLI provides a programmatic way to verify the above requirements.
Eligibility for the Runs on Atlassian badge is automatically detected and applied on apps that meet the qualifications. Partners do not need to apply or opt in to receive the badge.
To determine whether your Forge apps meet the requirements for Runs on Atlassian, start by checking your manifest file for egress permissions. You can also use the Forge CLI to check the eligibility of an app.
Your app must not egress data, with the exception of egress for analytics purposes. If your app sends data for analytics and does not send in-scope End-User Data, then it is eligible for Runs on Atlassian.
Apps use analytics data to identify trends and insights, which can be used to improve app performance. These trends and insights can fall under different categories, such as web analytics and product analytics. In the context of Runs on Atlassian, you must not mark tools that don't capture analytics data as analytics egress.
The Cloud Fortified and Cloud Security Participant badges remain important signals on the investments partners have made in ensuring their apps adhere to advanced trust practices. Depending on eligibility, an app can have a combination of these badges.
Here are some things you can do to start making your apps eligible for Runs on Atlassian.
While Runs on Atlassian is a big step toward trust and transparency in the Atlassian Marketplace, we do recognize that there can be tension between functionality and the tight data containment Runs on Atlassian represents.
We also acknowledge that not all apps can be eligible for Runs on Atlassian, for example, integrations that communicate with external services by nature. Other apps may need certain capabilities to be delivered to the Forge platform before they can qualify. Some partners may already have robust security and data protection controls in their own infrastructure and they may decide that Runs on Atlassian doesn’t enhance the way they position themselves to customers.
We’re committed to building platform improvements that will expand eligibility for Runs on Atlassian
and we need collaboration from partners to identify and prioritize improvements that have
the greatest impact. If you have a feature request that will help you qualify for Runs on Atlassian,
please open a FRGE ticket
and apply the runs-on-atlassian
tag.
Sending data to analytics tools and services outside of Atlassian is not considered data egress, provided that:
We're introducing controls that allow app admins to enable or disable access to analytics and log sharing during app installation, as well as after installation. This allows apps using analytics platforms to still qualify for Runs on Atlassian while putting customers in full control of their data.
While egress permissions can be categorized as analytics, app admins can still choose to disable access to analytics. You must ensure that your app can efficiently handle the scenario when analytics access is disabled. Otherwise, this may lead to poor user experience, in the form of failing app invocations or elements not rendering properly in the UI, and more.
Customers tell us they value the transparency of the Privacy and Security tab but observe inconsistencies in partner-attested data. Over time, we may shift to automatically verifying certain fields based on the Forge manifest to standardize the information displayed to customers.
Runs on Atlassian apps are marked with a badge on the Marketplace listing. Customers can also filter for apps by the badge.
The Runs on Atlassian badge also appears in the app management experiences, where customers can verify whether or not their currently installed apps are eligible for Runs on Atlassian.
Yes, customers will know if an app update invalidates eligibility.
The following updates are considered major updates:
dynamic
web trigger.static
web trigger to dynamic
.inScopeEUD
from false
to true
for an
egress permission element for
the first time.Major updates require admins to manually approve the update itself. If a major update results in an app no longer qualifying for Runs on Atlassian, this information will be surfaced to the admin at the time of the update. See Major version upgrades for more details.
No, removing egress is considered a minor update.
A major update is triggered when a new URL is added or when an existing URL is assigned to a new egress category, but not when egress URLs are removed.
Note, removing an existing URL of an external provider
from the providers
section of the manifest is considered a major update. This means admins may
need to provide consent when updating their app.
See Major version upgrades for more details.
At the moment, we do not support making only one app edition eliglble for Runs on Atlassian. All editions of an app must either be Runs on Atlassian or not. This is due to the fact that scopes and permissions must be the same across all editions of an app. We’re considering adding support and we encourage partners to get in touch if this is something you need.
Rate this page: