This page lists all permissions that our app requires across Confluence, Microsoft and Jira and gives a short explanation why we need the permission.
We only use the data to provide app features. We try to request as little permissions as possible, but unfortunately, some permissions are too broad. We are constantly working with Atlassian and Microsoft to improve this.
You may also check out our Microsoft publisher attestation of the app: Publisher Attestation.
Confluence Permissions
When installing the app on Confluence Cloud, it will ask for the following permissions:
Read & Write & Delete data
These are basic permissions for every app. We need to store settings in the instance to make the app work.
Act on a user's behalf
This permission allows us to impersonate the user. When we work with pages or spaces, it makes it easy to ensure that the current user has the correct permissions to update the page/space.
Microsoft 365 permissions
These permissions are requested one by one, once a users tries to use a feature that requires the permission.
You can find an explanation on all permissions here: https://docs.microsoft.com/en-US/graph/permissions-reference
User info: email, offline_access, profile
These permissions are always requested through the app once you login to Microsoft 365. It is required to being able to read the most basic profile information about the current user and allows us to get a token for the future usage.
User directory: User.ReadBasic.All
Allows us to read basic information about the users in your tenant. This is required to give smart suggestions when users search for other users.
Own user calendars: Calendar.ReadWrite
Allows us to read the calendars of the current user to display them in Confluence.
Other users calendars: Calendar.ReadWrite.Shared
Allows to open calendars that are shared with the current user - e.g. the schedule of a coworker.
Meeting Rooms: Place.Read.All
Allows to search for meeting rooms within your tenant to embed them into Confluence.
Groups & Teams Calendar: Group.ReadWrite.All
Allows to access the Office Groups (including Teams) of the current user and retrieve the associated calendar.
People.Read
Allows the app to read a ranked list of relevant people of the signed-in user. The list includes local contacts, contacts from social networking, your organization's directory, and people from recent communications (such as email and Skype).
MailboxSettings.Read
Used to get Microsoft-related settings like timezones, working hours etc.
Jira cloud app
User Profile: me:read
Get the own Jira user and was used for the login. Used on the UI for display name, avatar image, etc.
Jira User Data: read:jira-work
Allows us to access Jira projects, releases and issues the current user has access to.