Scopes

Scopes allow an add-on to request a particular level of access to an Atlassian product.

This level of access sets a static upper limit on the set of API endpoints that the add-on may use, in every Atlassian product instance into which it is installed, and does not guarantee that every attempt to every endpoint them will succeed at run time.

For example:

Within a particular product instance an administrator may further limit the actions that an add-on may perform. This is valuable because it allows administrators to safely install add-ons that they otherwise would not.
The scopes may allow the potential to access beta or non-public APIs that are later changed in or removed from the Atlassian product. The inclusion of the API endpoint in a scope does not imply that the product makes this endpoint public: read the product's API documentation for API details.

The following scopes are available for use by Atlassian Connect add-ons:

JIRA

READ – can view, browse, read information from JIRA
WRITE – can create or edit content in JIRA, but not delete them
DELETE – can delete entities from JIRA
PROJECT_ADMIN – can administer a project in JIRA
ADMIN – can administer the entire JIRA instance

See the following pages for details on which remote endpoints are available in JIRA:

Confluence

READ – can view, browse, read information from Confluence
WRITE – can create or edit content in Confluence, but not delete them
DELETE – can delete entities from Confluence
SPACE_ADMIN – can administer a space in Confluence
ADMIN – can administer the entire Confluence instance

See the following pages for details on which remote endpoints are available in Confluence:

Example

Scopes are declared as a top level attribute of the atlassian-connect.json descriptor:

{
    "baseUrl": "http://my-addon.com",
    "key": "atlassian-connect-addon"
    "modules": {},
    "scopes": [
        "read", "write"
    ]
}