/
How are SharePoint Online user permissions applied in Jira Cloud?

How are SharePoint Online user permissions applied in Jira Cloud?

As a rule of thumb, only users who have direct access to information in SharePoint Online will also have access to it when the information is embedded in Jira Cloud.

Technical Details

For authorization within the app, the user directories of SharePoint Online and Jira Cloud (e.g., Azure AD and Atlassian Accounts) are not directly used. This means that user bases can differ between Jira and Azure AD.

In the background, we use OAuth 2.0 to authenticate using the Microsoft Identity Provider in order to allow our App to access the Graph API on behalf of the user with the scopes that are listed on https://communardo.app/YgJEPa . Since our app architecture is based on Atlassian Forge, this authentication flow is handled by Atlassian infrastructure in the backend as documented on https://developer.atlassian.com/platform/forge/manifest-reference/providers/.

Once authentication and authorization are completed, the user will not be asked to re-consent the next time they access our app.

How the user permissions affect the Jira integration

The user must also consent to the app in order to use its features.

The user is not logged in to SharePoint

If users are logged in to Confluence but not to Microsoft, they won’t see any SharePoint content. Instead, the following message will be displayed:

Image 1: User not logged in to Microsoft cannot see any SharePoint content

The user is logged in to Jira and Microsoft

If a user is logged in to both Confluence and Microsoft, then the Jira Issue Panel will only display SharePoint content the logged-in Microsoft user is permitted to see in SharePoint itself.

Especially in a document library where the logged-in SharePoint user has access to only some (but not all) file folders: In this case, the SharePoint List macro will also only display those file folders.

The user is logged in without permission

If the Issue Panel is configured to show files or folders that the logged-in SharePoint user isn’t allowed to see, the following hint will be displayed:

image-20250723-070619.png
Image 2: Logged-in SharePoint users can only see SharePoint files or folders they are authorized to access

Guest access

Guest access is not currently supported.

Related Articles

High Level Architecture

App Permissions