Skip to main content
Skip table of contents

Scopes & Permissions

External domains (for images):

  • *.atlassian.com : We cannot upload images directly to the survey in Cloud because the images get part of the JSON which is then too big for the Storage API of Forge. Instead, it is possible to upload images to a Confluence page as an attachment and link this attachment. Because attachments are stored on api.media.atlassian.com, we whitelist *.atlassian.com for images.

  • *.atlassian.net : Used to retrieve a user's Confluence profile picture.

  • *.wp.com : We need this to retrieve user avatars for users that do not have a profile picture, e.g., https://i2.wp.com/avatar-management--avatars.us-west-2.prod.public.atl-paas.net/initials/MB-0.png?ssl=1. We are mirroring this from Atlassian, who do the same call when retrieving such user avatars.

  • fonts.gstatic.com : SurveyJS introduces some fonts for the survey creator. We retrieve the fonts so the editor is displayed correctly.

  • surveyjs.io: SurveyJS shows some demonstration pictures when inserting an image picker question. We retrieve exactly these four images to give a good user experience.

    • https://surveyjs.io/Content/Images/examples/image-picker/lion.jpg

    • https://surveyjs.io/Content/Images/examples/image-picker/giraffe.jpg

    • https://surveyjs.io/Content/Images/examples/image-picker/panda.jpg

    • https://surveyjs.io/Content/Images/examples/image-picker/camel.jpg

Scopes:

These are the scopes defined for our app. Please note that their representation in the “Allow Access” dialog can differ.

  • read:audit-log:confluence: Required to write to the audit log when the administrator escalates their permissions and accesses all Surveys.

  • write:audit-log:confluence: Required to write to the audit log when the administrator escalates their permissions and accesses all Surveys.

  • read:confluence-props: Needed by the macro migration assistant to check if a page is using legacy or new editor.

  • read:confluence-user: Required to check the admin permissions of the user on the Admin page for the Migration Assistant.

  • read:content-details:confluence: For example used for retrieving data of the current logged in user to add the user directly as survey manager in a newly created survey.

  • read:content.permission:confluence: Needed to check whether a user has edit rights for a page to give users only permissions to vote in Multivotes when they could edit the page .

  • read:group:confluence: Needed to check for group membership of a user to be able to handle groups permissions in surveys. Needed for checking the content property that is tracking the migration status of the macros in a page.

  • read:page:confluence: Needed for reading a content property on the page in order to keep track of the migration status of the macros in that page.

  • read:user:confluence: Needed to check for group membership of a user to be able to handle groups permissions in surveys.

  • search:confluence: Needed for retrieving pages that contain Survey macros.

  • storage:app: Needed to persist data of a Multivote or Survey in your Confluence Cloud instance.

  • write:page:confluence: Needed for setting up and updating a content property on the page in order to keep track of the migration status of the macros in that page.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close