Hi everyone,
I’d like to bring up a discussion about a limitation I’ve been facing when working with service accounts.
Currently, a service account can only generate scoped API tokens, while regular users can still create global tokens. I understand that Atlassian’s approach focuses on improving security, but in real-world scenarios this creates some important restrictions.
From my perspective, a few questions come up:
In more complex integrations, the available scopes don’t always cover all required APIs.
Some legacy tools or connectors simply don’t work with scoped tokens.
There are situations where we truly need broader access for critical automations.
And migrating everything to OAuth 2.0 isn’t always possible.
My question for the community is:
Why can’t service accounts generate a global token, especially when the current scopes don’t fully support certain integration needs?
Has anyone else faced this issue?
How are you handling this limitation?
I’d really like to hear your experiences and opinions!
