Discover Jira Cloud products
Learn more about Jira Cloud products, features, plans, and migration.
Permissions required for Github for Jira
From 12 September 2024, we are updating permissions to enable new Atlassian Rovo functionality, and prepare for upcoming Github OAuth changes.
These updates are optional if you only use the Github for Jira app to link Github data to Jira (like PRs, commits, and branches).
By granting the GitHub for Jira app access, you are providing the following authorizations to your GitHub and Jira accounts:
Jira permission scopes
Read, write, and admin access for development information: This includes branches, commits, and pull requests.
GitHub permission scopes
Repository Permissions
Permission scope | Why the app needs it |
|---|---|
Read-only access to actions | This permission enables access to theworkflow_run webhook event, providing information including artifacts_url, check_suite_id, conclusion, head_branch, and head_sha. |
Read-only access to code scanning alerts/security events | To receive Github code scanning alerts in Jira, the app needs read permissions for security events. The app will listen to code_scanning_alert webhooks and send security report details to Jira. These will appear under the "Other links" tab of the Development Panel on Jira issues. |
Read-only access to deployments | To see build and deployment information in Jira, the app needs read permissions for deployments. This allows it to listen to the webhook deployment_status event which occurs when a deployment is created. Read-only deployment permissions are used for the following webhooks:
|
Read-only access to metadata | As a mandatory requirement by GitHub, all apps have read-only metadata access by default. This is to provide access to a collection of read-only endpoints with metadata for various resources. These endpoints do not provide sensitive private repository information. Read-only metadata permissions are used for the following webhook:
|
Read and write access to issues and pull requests | This permission powers Smart Commit actions and allows Jira URLs to unfurl in comments. Unfurling refers to the app detecting Jira issue keys in square brackets like [ABC-123] and replacing them with respective Jira issue links. Issues: Read and write issue permissions are used for the following webhooks:
Pull requests: Read and write pull request permissions are used for the following webhooks:
Notes:
|
Read and write access to content (code) | Read permissions sync development information to Jira for the following webhooks:
Write permissions allow branch creation from an issue's dev panel. Note: for GitHub Enterprise integration (where the user owns the GitHub app) "Write" permission is optional. When not provided, the "Create Branch" feature will not function. |
Organization permissions
Permission scope | Why the app needs it |
|---|---|
Read-only access to members | To determine if you have admin access to a GitHub organization. |
Events Our App Subscribes To
Event | When this event occurs |
|---|---|
Code scanning alert /security events | Code Scanning alert created, fixed in branch, or closed |
Commit comment | A commit comment is created |
Create | A Git branch or tag is created |
Delete | A Git branch or tag is deleted |
Deployment status | A deployment is created |
Issue comment | Activity related to an issue or pull request comment |
Issues | Activity related to an issue |
Pull request | Activity related to pull requests |
Pull request review | Activity related to pull request reviews |
Push | One or more commits are pushed to a repository branch or tag |
Repository | Activity related to a repository |
Workflow run | When a GitHub Actions workflow run is requested or completed |
Have more questions about permissions? Check out our FAQ documentation. If you can’t find the answer you’re looking for, feel free to open an issue or contact our support team. We're here to help.
Was this helpful?
Still need help?
The Atlassian Community is here for you.