Control for Forge apps installation

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • Component/s: EcoAppSec

      Problem Statement:

      Org and site admins expect to have full control over what gets installed on their Atlassian cloud sites. However:

      • The "User Installed Apps" toggle does not restrict Forge app installation — it only applies to OAuth 2.0 (3LO) user grants.
      • Forge apps can currently be installed by any user with Jira Administrator (product admin) privileges — not just site admins.
      • There is no dedicated setting for admins to block or restrict Forge app installations at the org or site level.

      Suggestion:

      Provide org/site admins a dedicated setting (similar to the "User Installed Apps" toggle) to control Forge app installation behavior. This could include options such as:

      • Allow all — Any user with Jira/Confluence admin privileges can install Forge apps (current default behavior)
      • Site admins only — Only site admins can install Forge apps
      • Org admins only — Only org-level admins can install/approve Forge apps
      • Block all — No Forge app installations allowed without explicit org admin approval

              Assignee:
              Srivathsav Gandrathi
              Reporter:
              Ramchandra Kudtarkar
              Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: