App Scope and Permissions

Owned by Robert Alexander Marshall
Last updated: Jan 11, 2024
2 min read

Global scope and permissions

Each app for Confluence Cloud (like Comala Document Control) has to be configured with a specific scope.

Scopes allow an app to request a particular level of access to an Atlassian product.

This configuration is done automatically when the app is installed and adds the Comala Document Management for Confluence Cloud system user

  • as an individual user in the VIew Global Permissions screen

  • assigns the global Create Space(s) permission to the app system user

Screenshot 2024-01-11 at 21.05.33.png

The automatic configuration also adds the Comala Document Control for Confluence Cloud system user as an individual user for each space in the space settings Permissions screen.

The app system user is assigned all individual user permissions for the space except Restriction Add/Delete; Mail Delete, Space Export.

Within an instance, a global administrator may decide to further limit the actions that an app may perform. This is valuable because it allows administrators to safely install apps that they otherwise would not.

Changes in

  • scope by a global administrator may affect the global permissions for the app system user and the functioning of the app in the instance

  • individual space permissions for the app system user (due to either the global change or a space administrator change) may affect the functioning of the app in that space

Page restrictions added to content prior to the addition and application of the Document Control app workflow to the content may cause an error.

See Troubleshooting.