Background
Atlassian platform provides an activity feed endpoint at https://<myorganization>.atlassian.net/activity. Even if it's not based on the most up-to-date technology it's still the only way to access user's activity programmatically. The endpoint is documented here.
The activity feed endpoint can be accessed by the browser when atlassian.net session is valid. Also, the feed can be accessed with the help of API tokens (that can be configured here).
However, the activity endpoint cannot be accessed with OAuth2-acquired access token. There is no scope for it and even if the token had been granted wide scope access the activity feed shows no activity (just like it shows with no authentication at all).
Feature Request
Please add a new granular scope that can be configured at developer.atlassian.com and acquired via OAuth2 flow so that the access code can then be used to fetch activity feed at https://<myorganization>.atlassian.net/activity with the user's rights.
The current option to use API token is not good from the security point of view. External applications should utilize OAuth2 flow and it should enable the application to access activity feed.
