Privacy & permissions

Owned by Tamara Braun
Last updated: Jul 01, 2021
3 min read

This page lists all permissions that our app requires across Jira and Microsoft Teams.
Of course, we also provide a short explanation on why our app needs these permissions.

You may also check out our Microsoft publisher attestation of the app: Publisher Attestation.

Please note: We only use data to provide app features. We try to request as little permissions as possible, but unfortunately, some permissions are too broad. We are constantly working with Atlassian and Microsoft to improve this.

Jira Cloud app

When installing the app on Jira Cloud, it will ask for the following permissions:

These are basic permissions for every app. We want to create tickets for the user so we need to read and write to Jira

This permission allows us to impersonate the user. This is necessary, because when fetching issue information from the system, it allows us to respect issue & project permissions easily, by having Jira take care of it. In addition, when an issue is created, the author should be the user itself, not the Teams app - impersonation makes this possible.

This broad administrative permission is unfortunately required from a security perspective. To restrict editing app settings to Jira administrators, we need to determine if the user is actually an administrator - to get this information, the Atlassian APIs require itself administrative permissions. There is a bug open here: https://ecosystem.atlassian.net/browse/ACJIRA-2177

If you would like to know more, please get in touch!

Teams app / Microsoft account

The Teams app is divided into two parts, some permissions come from the Teams app itself, other permissions will be granted by every user (delegated).

Delegated Permissions

Delegated permissions are granted when a single user logs in from Jira with their own account.

Basic permission to be able to log the user in.

This permission is required, so we don’t need to have the user login again every day.

Teams app permissions

The Teams app permissions are granted when installing the bot/app in Microsoft Teams. Even though the list below looks fairly long, most of the permissions are quite basic and the same for all apps that include a bot.

Please note: Permissions like “Read messages in a Team” only apply to the team where the app/bot is installed in. Thus, if you have a team with confidential data you don’t want to expose to Jira, the app won’t have access, even if it’s installed in other teams.