Read-only application link

I'm developing an application which connects to JIRA using a user's credentials (through OAuth), but which only needs read access. Currently, when a user accesses the application, JIRA's OAuth authorization page says "The application foo would like to have read and write access to your data on" (emphasis theirs). 

I'd rather request only read permissions, to prevent accidentally corrupting data and to reassure users that I don't intend to mess with their stuff. How can I configure things such that only read access is requested?

1 answer

0 vote

Once you create the application link, you will be asked to create an OAuth token by logging in with a valid JIRA user. At that time, you can make sure that the user used only has "Read Access". 

In short, it is not done at the app link level but at the user level.

That's the thing, though... these are just normal users, who need and have full r/w access when using JIRA directly. (And, of course, I don't want them to have to log out from JIRA and into some secondary read-only account every time they want to use my app.) Is there some way for an application to request, and the user to grant, less access than the user themself has?

I am not sure if there is an option. None known to me. Will leave it to others to chime in.

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,317 views 14 20
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot