Add-ons can now act on behalf of users.

Atlassian Connect now supports the JWT Bearer token authorization grant type for OAuth 2.0 for JIRA and Confluence Cloud. This allows add-ons with the ACT_AS_USER Scope to access resources and perform actions in JIRA and Confluence on behalf of users.


This flow is "two-legged". At install time, the administrator authorizes the add-on to use this functionality, rather than individual requests needing authorization by specific users.

Suggested uses:

  • Leverage existing user permissions to show only user's authorized content.
  • Access user-specific data for data analytics.
  • Perform actions as 'offline' users, e.g. add a comment in response to an email, as the sender of the email.
  • Associate users across integrated systems to improve the user experience.

To get started: