Early access: limit 3rd party app access to content in selected Jira projects

05/02/2024 Update: this feature is now generally available!

Hello Trust & Security Community!

We know Marketplace apps are a key part of your Atlassian solution, but depending on your organization’s requirements, you may have concerns about giving third party apps access to certain content in cloud. To help you exercise more control over the content apps can access, last year we launched an early access program for a new data security policies “app access” rule limiting app access to content in specific Confluence spaces.

Now we’re expanding the early access program to include Jira! Later this month, EAP customers will be able to start testing the app access rule to better control app access to content in selected Jira projects.

We’re looking for Atlassian Access customers or customers on the Cloud Enterprise plan to sign up to test the rule and give us feedback on the experience. Here are the details:

What is the app access rule?

Data security policies help you keep your organization’s data secure by letting you govern how users, apps, and people outside of their organization can interact with content within Confluence spaces and Jira projects.

The app access rule is a new rule under data security policies (which you can follow here on our cloud roadmap) which allows org admins to restrict 3rd party app access to content in Confluence spaces and/or Jira projects. In this way, you can benefit from the extended functionality apps provide while still limiting third-party access to certain content.

What do you get with early access?

This EAP will focus on limiting app access in specific Jira projects under a given data security policy, but our early access program for Confluence is still running and you’re welcome to test the feature for Confluence as well.

All EAP participants will be able to allow or block all apps from accessing content in the Jira projects and/or Confluence spaces under a given data security policy. This feature will eventually be available for all Jira customers. However, early access will only be available to customers with Atlassian Access.

EAP participants will also be able to start testing selective app blocking in the near future as part of this EAP. Selective app blocking allows you to give critical, trusted apps access to selected content while blocking other apps from accessing the same content. At GA, this feature will be available for Atlassian Access customers only.

Who are we looking for?

To participate in this EAP, you must:

• be on an active Enterprise plan for Jira Cloud or have Jira Cloud + Access

• have at least one Jira Cloud app installed

What’s involved in participating in this EAP?

If selected, we’ll give you access to the new rule and ask that you test it out in a sandbox or test site and give feedback.

We may also email you directly with questions about your experience, ask you to join a call to discuss your experience and expectations, or even ask you to participate in a 1 hour research session to test out improvements to the experience in some cases.

When does it start?

If you are selected to participate in the EAP, we’ll reach out to you with details in early February.

If you aren’t selected, don’t worry — in the coming months we plan to move out of early access and toward general availability. Eventually:

• allowing and blocking all apps will be available to all Atlassian customers, and

• selective app blocking will be available to all Enterprise and Access customers.

Keep an eye out here in the Community for future updates.

How do I sign up?

Please indicate your interest here and we’ll reach out if you are selected to participate.

Thanks so much in advance for your insight!