User Authentication and Permissions

Sprint Reports for Jira uses a secure OAuth 2.0 authentication flow to protect the confidentiality and integrity of your data. This section describes the user authentication process and the permission levels within the app.

User Authentication

  • OAuth 2.0 Flow: Sprint Reports for Jira leverages OAuth 2.0, a secure authorization framework, for user authentication. During the onboarding process, you will be redirected to a secure Atlassian login page where you can authorize your Jira account to connect with the Sprint Reports for Jira app.
  • Granting Permissions: By authorizing the connection, you grant Sprint Reports for Jira specific, pre-defined permissions to access the Jira data it needs for report generation. These permissions are limited, and they do not include your Jira account credentials.
  • Secure Connection: Once authorized, a secure connection is established between your Jira account and Sprint Reports for Jira, allowing the app to access and process your data.
  • Jira App permission scopes:
    • read:issue:jira-software
    • read:jira-work
    • read:project:jira
    • read:jira-user
    • read:issue-details:jira
    • read:jql:jira
    • read:user:jira
    • read:epic:jira-software
    • offline_access
    • read:sprint:jira-software
    • write:jira-work
    • read:me
    • read:audit-log:jira
    • read:board-scope:jira-software
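
A Jira admin reviewing this consent can check the scope list above mechanically. The following Python is an added example, not code from the app or its vendor; `SAMPLE_GRANTED` and its `write:example:placeholder` scope are constructed, and it assumes the granted scopes arrive as the space-delimited `scope` string of an OAuth 2.0 token response.

```python
"""Added example: review an OAuth scope grant against the documented list."""

# Scopes copied from the list above.
DOCUMENTED = """read:issue:jira-software read:jira-work read:project:jira
read:jira-user read:issue-details:jira read:jql:jira read:user:jira
read:epic:jira-software offline_access read:sprint:jira-software
write:jira-work read:me read:audit-log:jira read:board-scope:jira-software""".split()

# Constructed sample: the documented scopes plus one made-up placeholder scope.
SAMPLE_GRANTED = " ".join(DOCUMENTED) + " write:example:placeholder"


def parse_scope(scope):
    """Split 'verb:resource[:product]'; bare scopes such as offline_access have no verb."""
    parts = scope.split(":")
    verb = parts[0] if len(parts) > 1 else None
    resource = parts[1] if len(parts) > 1 else parts[0]
    return {"scope": scope, "verb": verb, "resource": resource}


def audit_scopes(granted, documented=DOCUMENTED):
    """Return review findings for a space-delimited OAuth 'scope' string."""
    granted_set = set(granted.split())
    parsed = [parse_scope(s) for s in sorted(granted_set)]
    return {
        # Any verb other than read lets the app change data.
        "non_read": [p["scope"] for p in parsed if p["verb"] not in (None, "read")],
        # offline_access means a refresh token is issued, so access outlives the session.
        "long_lived": "offline_access" in granted_set,
        # Audit-log reads expose administrative activity, not only sprint data.
        "sensitive_reads": [p["scope"] for p in parsed
                            if p["verb"] == "read" and "audit-log" in p["resource"]],
        # Drift in either direction between the grant and the documented list.
        "undocumented": sorted(granted_set - set(documented)),
        "not_granted": sorted(set(documented) - granted_set),
    }


if __name__ == "__main__":
    for key, value in audit_scopes(SAMPLE_GRANTED).items():
        print(f"{key}: {value}")
```

Run against the documented list alone, the findings are one write scope (`write:jira-work`), a long-lived grant (`offline_access`), and one sensitive read (`read:audit-log:jira`).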

Permission Levels

Sprint Reports for Jira employs a role-based access control (RBAC) system to manage user permissions within the app. There are two primary user roles:

  • Member:
    • This is the default role assigned to all users upon initial setup, except the person who sets up the app and any invited admins.
    • Members can view generated reports and access basic app functionalities.
    • They cannot modify configurations, manage teams, or invite other users.
  • Administrator:
    • Anyone can be assigned the Administrator role within Sprint Reports for Jira.
    • Administrators have full access to all app functionalities, including:
      • Managing teams and users within the app (including inviting additional users).
      • Assigning appropriate roles (like Administrator) to other users.
      • Modifying app configurations and settings.
      • Accessing and managing all reports generated by the app.