Skip to main content
Skip table of contents

Why does sumUp for Jira now request Jira administration permissions?

In one of our latest updates, we migrated the Filter Results gadget to Atlassian’s Forge platform. This improves performance and security, but it also changes how permissions are handled.

The app now needs to access Jira's priority configuration to display issue priorities correctly (according to the custom order set by your Jira admin). Unfortunately, Jira only makes this data available under the broad manage:jira-configuration scope.

That change results in the following modal when updating the app:

SUMC_app-update-scope-change.png

While the wording might look like the app is asking for broad administration rights, in practice we only use this scope for the single purpose of reading the priority order. We do not make any changes to your Jira configuration or perform admin actions.

We realize this isn’t ideal, because it looks broader than what we use. We’re already in conversation with Atlassian to advocate for a narrower permission to respect the “least privilege” principle and avoid unnecessary customer concerns.

Important Note

  • sumUp only uses this scope to read priority information.

  • We do not perform any administrative changes in your Jira environment.

  • We’re actively engaging with Atlassian to advocate for a narrower, more appropriate permission.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close