Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources
  • Community
  • Q&A
  • Rovo
  • Questions
  • Rovo MCP search API returns access errors despite successful OAuth authentication and access to Conf

Rovo MCP search API returns access errors despite successful OAuth authentication and access to Conf

Shaked Cohen
Shaked Cohen
June 11, 2026

Hi,

I'm integrating Atlassian Rovo MCP into an internal support agent and I'm able to authenticate successfully, but I cannot get Rovo Search to work.

Environment:

  • Site: upwindsecurity.atlassian.net
  • Using the Atlassian MCP server programmatically (not through Claude UI)
  • OAuth authentication succeeds
  • I can successfully call other Atlassian MCP tools

What works:

  • Authentication succeeds
  • atlassianUserInfo works
  • getAccessibleAtlassianResources works
  • getConfluencePage works
  • searchConfluenceUsingCql works
  • getConfluenceSpaces works
  • getPagesInConfluenceSpace works

Example:
I can successfully retrieve Confluence page content through MCP, including page:
"AWS - Upwind SOC Environment Installation"

What does not work:

  • The generic Rovo Search tool (search) fails
  • Natural language search queries fail even though Confluence content is accessible through the other tools

We verified:

  • OAuth token is valid
  • Cloud ID is correct
  • User has access to the relevant Confluence content
  • Other MCP tools return data successfully
  • The issue appears specific to Rovo Search

Questions:

  1. Does the MCP search tool require additional Rovo licensing, permissions, or product enablement beyond standard Confluence access?

  2. Are there specific user roles or site-level settings required for programmatic Rovo Search access?

  3. Is there any way to verify whether Rovo Search is enabled for a given site through MCP or Atlassian administration settings?

  4. Are there known cases where Confluence MCP APIs work but the Rovo Search MCP tool is unavailable or returns access errors?

  5. Based on the information above, what is the most likely root cause in our environment?

  6. Can you provide the exact steps an Atlassian admin should follow to verify and resolve this issue?

  7. If additional permissions, licenses, scopes, Rovo settings, or product subscriptions are required, could you specify exactly which ones need to be enabled and where they can be configured?

Our main goal is to understand exactly what configuration or entitlement is missing so that we can make the MCP search tool work programmatically in the same environment where the other Confluence MCP tools already work successfully.

image.png
The attached screenshots demonstrate that authentication succeeds and multiple Confluence MCP tools return content successfully, while only the generic Rovo search tool returns an access-denied error.

Answer
Watch
Like Be the first to like this
28 views

1 answer

0 votes
Germán Morales _ Hiera
Germán Morales _ Hiera
Atlassian Partner
June 11, 2026

Hi @Shaked Cohen , the asymmetry you're seeing is the clue, and it isn't licensing. The MCP tools, search included, are free for Cloud sites, so a missing Rovo subscription isn't it. What's almost certainly happening is that the Rovo MCP server's Search permission isn't authorized at the org level. Atlassian recently made the server's Read, Write and Search permissions individually controllable by the org admin, and a blocked one returns exactly your error: "Access denied: Your organization admin has not authorized the [permission] permission." Your Confluence tools work because Read is allowed; the generic search tool fails because Search isn't.

The fix is on the admin side: Atlassian Administration > Rovo > Rovo MCP server > Permissions, set Search to Allowed (Edit details if they want to scope it more tightly). It applies immediately, no reconnect. If Search is already allowed there, two things to check next: the OAuth scopes your client was actually granted, since the search tool needs a Rovo search scope (search:rovo:mcp) that's separate from the Confluence read scopes you already have; and your IP allowlist, which is evaluated per app, so a network that's allowed for Confluence can still be blocked for Rovo. The org audit log will show the denied invocation and tell you which of the two it is. Admin reference: Configure Atlassian Rovo MCP server permission

View More Comments
Shaked Cohen
Shaked Cohen
June 11, 2026

Hey @Germán Morales _ Hiera I think you tagged the wrong "Shaked Cohen" here, I did not open this ticket and you tagged me.

Like
Germán Morales _ Hiera
Germán Morales _ Hiera
Atlassian Partner
June 11, 2026

Apologies @Shaked Cohen , there are two accounts under your name and I tagged the wrong one. Fixed now, you can ignore the mention. Thanks for flagging it.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Rovo Atlassian Intelligence
Rovo
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security