I am assessing an addon to our JIRA/Confluence cloud instance. In the marketplace under 'Integration Details' There is the following statement:
'xxxxx for JIRA integrates with your Atlassian product. This remote service can:
- Administer the host application
- Administer Confluence spaces
- Administer JIRA projects
- Delete data from the host application
- Write data to the host application
- Read data from the host application'
That would appear to be giving full access to all of our Confluence and JIRA data to a third party.
However, looking at an existing plugin that we have installed, it has added a system user and has placed that system user in the jira_software_users group.
And I correct that a plugin can be limited in the data it can access in our instance by securing spaces and projects to only allow access to users with additional groups above the basic jira_software_users group?
Or do plugins get access to all our data?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.