Available Atlassian Rovo MCP server domains

HTTP

127.0.0.1

localhost

HTTPS

app.writer.com

chatgpt.com

claude.ai

claude.com

integrations.zoom.us

figma-gov.com

global.consent.azure-apim.net

api.devin.ai

*.apps.dynatrace.com

*.azuredatabricks.net

*.databricks.com

*.resolve.ai

vertexaisearch.cloud.google.com

lovable.dev

mcp.docker.com

callback.mistral.ai

oauth.pstmn.io

token.botframework.com

vscode.dev

us-east-1.quicksight.aws.amazon.com

Protocol-specific

Protocol: cursor:

Domain/value: cursor.mcp

Protocol: raycast:

Domain/value: oauth

Who uses it

Browser‑based apps, extensions, desktop apps, local tools that can open a browser window.

How it works

The client app redirects the user to Atlassian to show a consent screen, then receives redirects and tokens on its own URL.

Where redirects / calls come from

Redirect URIs and token exchanges originate from the client’s URL (for example, https://extension.example.com/callback).

What the domain rules control

Which client origins can receive OAuth 2.1 redirects and tokens. The client’s origin must match a domain or pattern in this list.

Add a single domain

You want to allow access from one exact origin only.

https://aiagent.mydomain.com

http://localhost:5678

Add a pattern

You want to cover multiple domains, subdomains, ports, or paths in one rule.

Use wildcards or braces, for example:

• https://*.example.com/**

• https://{dev,staging,prod}.platform-demo.com/**

• http://localhost:*/**

Always include a protocol

Every pattern must start with a protocol such as https://, http://, or a custom protocol like cursor://. http:// is only valid for localhost or 127.0.0.1. Patterns without a protocol are rejected.

✅ https://aiagent.mydomain.com

✅ cursor://cursor.mcp

❌ *.example.com/** (missing protocol)

❌ ://example.com/** (empty protocol)

Specify a valid domain or host

The pattern must include a valid domain, IP address, or host after the protocol. Wildcards (*) are allowed in the domain part, but you can't omit the top‑level domain. For local dev, use localhost or 127.0.0.1.

✅ https://*.example.com/**

✅ https://specific.domain.com/**

❌ https://** (missing domain)

Use a port or port wildcard (optional)

You can specify a fixed port (:8080) or a wildcard (:** or :*) to match any port, which is useful for local development or varying environments.

✅ https://localhost:**

✅ http://localhost:*/**

Allow localhost domains (optional)

localhost and 127.0.0.1 refer to the user’s device and aren’t accessible from the public internet. Port (:*/, :**) and path (/**) wildcards allow local clients to use any port and path on that device. These entries enable local MCP clients to complete OAuth 2.1 flows and use API token access from a localhost origin.

✅ http://localhost:*/** ✅ http://127.0.0.1:*/**

You can keep these to support local tools, or remove them to further restrict access.

Use a path wildcard (optional)

Add /** at the end of your pattern to match any path under the domain, so the pattern covers all URLs at or below that domain.

✅ https://*.example.com/** ✅ https://specific.domain.com/**

Use wildcards and braces for flexibility

Use * as a wildcard for subdomains or paths. Use {} braces to specify multiple allowed subdomains or environments. Only the specified environments (dev,staging,prod) can be used as subdomains.

✅ https://{dev,staging,prod}.platform-demo.com/**

✅ https://agent-*.saas-demo.com/**

Pattern must be a valid URL structure

The pattern must represent a valid URL, including protocol and domain. Patterns are checked by replacing wildcards with test values to ensure they form a valid URL.

✅ https://agent-*.saas-demo.com/**

(forms valid URLs when * is replaced)