Resolve OAuth 2.0 Scope Issues for Jira Mail Handlers in Data Center

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Learn how to fix OAuth 2.0 scope issues for Jira Mail Handlers in Data Center.

Setting the correct scope in OAuth 2.0 is essential for successful integration.

Diagnosis

Checking the scopes

Check the scope configuration in your OAuth 2.0 integration., which is located

  • Go to ⚙ > System and select Oauth 2.0 for Jira versions up to 8.21.x.

  • Go to ⚙ > Applications and select Application Links for Jira versions from 8.22.0.

Microsoft Accounts

For Microsoft accounts, the scopes should match precisely the ones from the list below:

  • In case of a Worldwide plan including Government Community Cloud (GCC), which is the most common type of plan, use the following scopes:

    1 2 3 https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All offline_access

  • In case of a US Government DoD or US Government GCC High plan, use the following scopes:

    1 2 3 https://outlook.office365.us/IMAP.AccessAsUser.All https://outlook.office365.us/POP.AccessAsUser.All offline_access

GMAIL accounts

For GMAIL accounts, you only need to use the scope below, which will work for both IMAP and POP:

1 https://mail.google.com/

If the scopes don't match, follow the steps below to resolve the issue.

Cause

Incorrect scopes are used in the OAuth 2.0 configuration

Solution

Use the right scopes for Microsoft as explained in the official documentation Setting up OAuth 2.0 integration:

  • In case of a Microsoft Worldwide plan including Government Community Cloud (GCC), use the following scopes (this is the most common scenario):

    1 2 3 https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All offline_access

  • In case of a Microsoft US Government DoD or US Government GCC High plan, use the following scopes (this is the most common scenario):

    1 2 3 https://outlook.office365.us/IMAP.AccessAsUser.All https://outlook.office365.us/POP.AccessAsUser.All offline_access

If the above doesn't fix the issue, check Fix OAuth 2.0 Issues in Jira Mail Handlers for Data Center for other possible causes and solutions.

Updated on May 1, 2025
Platform
Data Center only
Products
Jira Core Data Center
Jira Software Data Center
Jira Service Management Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community