• Products
  • Documentation
  • Resources

Security settings in a mobile app policy

Atlassian cloud mobile apps support an organizational mobile app policy to apply additional security settings to the apps.

Mobile app policy is supported by the Jira Cloud, Confluence Cloud, and Opsgenie mobile apps for iOS and Android. 

Shows and describes mobile app security settings

This table describes each security setting you can configure for the Jira Cloud, Confluence Cloud, and Opsgenie mobile apps and gives a more detailed explanation of how they work. Learn what end users experience when you create a policy

Security setting

How it works

Apply policy to

All users with access to your organization’s products

Your policy applies to all users – both managed and unmanaged – within your organization, including any new users that are added after the policy is created.

Specific users

Your policy only applies to the users you select. These users must have managed accounts.

App data protection

Disable sharing, saving or backing up content from the mobile app

Users cannot perform actions that would allow content to be:

  • backed up to iCloud or Google Cloud.

  • saved to external storage (e.g. SD card).

  • shared with any other apps.

Disable screenshots and screen recording of the mobile app

  • Users cannot take a screenshot of your content while the mobile app is open

  • Users are blocked from using the mobile app if they turn on screen recording.

Disable cutting or copying content from the mobile app

Users cannot cut or copy content from the mobile app.

App access requirement

Block compromised devices

The mobile app runs a series of checks to verify the integrity of the device. If it is compromised, users are prevented from accessing your organization's content within the app.

Android devices require Hardware-backed Keystore to access the content.

Atlassian reviews and updates the checks regularly to address new device exploits.

Block third-party keyboards on iOS

You’re able to block third-party software keyboards on iOS devices from your mobile app policy. This prevents potential data leakage or unauthorized access to your organization’s Atlassian product data.

  • Users are unable to use third-party software keyboards

Require data encryption

iOS devices and most newer Android devices are encrypted by default.

Users of older devices must enable encryption. If the device cannot be encrypted, they will not be able to use the mobile app on that device.

Require biometric authentication or a device passcode

Users must have a passcode/Face ID/Touch ID (for iOS) or screen lock (Android) enabled on their device.

Users need to authenticate when they open the mobile app and if the mobile app has been in the background for more than 2 minutes.

Require a minimum OS version

Require minimum OS version (or higher) on the user device.

Supported versions are:

  • iOS: 15 to 17

  • Android: 8.0 to 15

Override any IP allowlists to allow access from Jira and Confluence mobile apps

Overrides Atlassian cloud IP allowlists, allowing the Jira and Confluence mobile apps to access your content from any IP address. The mobile app runs a series of checks to verify the authenticity of the app to ensure it was downloaded from a genuine app store and is not modified.

Note: We encourage administrators to also enable Block compromised devices when using this setting to enable device integrity checks.


Additional Help