I am assessing an addon to our JIRA/Confluence cloud instance. In the marketplace under 'Integration Details' There is the following statement:
'xxxxx for JIRA integrates with your Atlassian product. This remote service can:
That would appear to be giving full access to all of our Confluence and JIRA data to a third party.
However, looking at an existing plugin that we have installed, it has added a system user and has placed that system user in the jira_software_users group.
And I correct that a plugin can be limited in the data it can access in our instance by securing spaces and projects to only allow access to users with additional groups above the basic jira_software_users group?
Or do plugins get access to all our data?
The modification you mention would, in theory, work, however, it could break many add-ons if they require administrative level access.
My recommendation would be to reach out to the vendor in question regarding which add-ons you're most concerned about.
Let me know if you have any trouble determining that!
I attended Atlassian Summit 2019 and learned a lot from the presenters, attendees and knowledgeable Atlassian product managers. The presentations I attended focused on applying Agile, pla...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events