-
Type:
Suggestion
-
Resolution: Unresolved
-
Component/s: Channel - Chat
-
None
-
8
-
1
Issue Summary
When configuring the Atlassian integration with Microsoft Teams, the consent screen asks for the Read organisation information permission (Organisation.Read.All)
Customer’s concerns:
- This is perceived as a very broad, tenant‑wide permission, and they feel Atlassian is requesting “a lot of access” for the integration to work.
- They state that other third‑party applications they use do not request such a high level, organisation‑wide permission, or at least not under such a broad‑sounding scope.
- Due to internal security/compliance requirements, they are reluctant to approve this permission without a clearer justification or a less‑privileged option.
Steps to Reproduce
- Attempt to integrate Teams with JSM chat
- Proceed to the Microsoft consent screen.
- Observe that Read organisation information (Organisation.Read.All) is requested as an application permission.
- Attempt to continue without granting this permission (if possible) and observe that the app cannot be fully configured or does not function correctly.
Expected Results
The app should either:
Work with more limited, user‑delegated permissions (e.g. without tenant‑wide Organisation.Read.All)
OR
At a minimum, provide a clear in‑product explanation of: Why Organisation.Read.All is strictly necessary. What exact data is accessed? Confirmation that no write/admin actions are performed and no sensitive content (mail, docs, etc.) is accessed
Actual Results
NA
Workaround
NA