Care about security? We do too. Learn what Atlassian does and what you can do too.
App access rule data blocking is an early access feature and subject to change. It is available only to participants in the Early Access Program (EAP).
This document is a work in progress and Atlassian will be making updates in the days to come.
App Access rules control what information apps can read and write in Jira Cloud. By default, installed apps can access data in any Jira project. Jira and organization admins can choose to block app access throughout all of Jira or in specific projects.
Apps use REST APIs to read and write data in Jira projects, and content within the project. When an API is blocked by an app access rule, the org admin can allow or block an app from accessing that content or performing that action in a selected project.
APIs that are not blocked by an app access rule allow an app to read and write to any project or type of content accessed by that API within a project, even when the Admin has decided to block app access.
Note: When an app is blocked from a project, it can’t read or write to any of the objects in the project, but it can still read and write to project-level data.
How to find API documentation
To find API documentation:
Find the API in the tables below.
Copy your API’s API docs link.
Select the Search box.
Paste the link.
From the search results, select the correct API.
The following document lists:
The APIs that are blocked when the admin turns on the app access rule. Apps using these APIs will no longer be able to access the content or perform the actions listed below.
The APIs that are not blocked when the admin turns on an app access rule. This means that apps can still use these APIs to access Jira projects and content even when the admin has decided to block app access.