Scopes Justification

Below we explain why the app requires each of the permissions (scopes) declared in manifest.yml. The descriptions are concise and refer to real usage in the code and the available gadgets.

admin:connect-jira

• Enables administrative operations such as managing cross-project templates and creating versions.

act-as-user:connect-jira

• Allows the app to retrieve information about user admin permissions on the backend.

read:connect-jira

• Grants basic connectivity and read access to Jira data, including app properties, user groups, issues, service desk organizations, permissions, server info, sprint info, and user info for template variables. This scope is foundational and cannot be removed.