OAuth スコープとエンドポイント

Jira に必要なスコープおよびエンドポイントドメイン

Jira と連携する場合、アプリケーションはAPI とやりとりするために特定の権限が必要です。

これらの権限はアクセススコープによって定義され、アプリケーションがアクセス可能なデータと実行可能なアクションを決定します。

このトピックでは、Jira プロバイダーに必要なアクセススコープとエンドポイントドメインについての情報を提供します。

スコープについて

スコープは、ユーザーのデータへのアプリケーションによるアクセスを制限するための手段です。これは、アプリケーションがユーザーに代わって実行できる特定のアクションを定義します。

例えば、読み取り専用スコープではアプリケーションにデータの閲覧を許可し、フルアクセススコープではデータの変更を許可することができます。

Jira に必要なスコープ

Scopes can be controlled using the Scope connection property.

Jira Cloud has two types of scopes: Classic and Granular. Jira recommends Classic scopes when available.


Scope	Type	Description
read:jira-user	Classic	View user information in Jira that the user has access to, including usernames, email addresses, and avatars. Required for read and write access.
read:jira-work	Classic	Read Jira project and issue data, search for issues and objects associated with issues like attachments and worklogs. Required for read and write access.
write:jira-work	Classic	Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues. Required for write access.
manage:jira-project	Classic	Create and edit project settings and create new project-level objects (for example, versions and components). Required for write access.
manage:jira-configuration	Classic	Take Jira administration actions (for example, create projects and custom fields, view workflows, and manage issue link types). Required for write access.
read:application-role:jira	Granular	View application roles. Required for read and write access.
read:audit-log:jira	Granular	View audit logs. Required for read and write access.
read:dashboard:jira	Granular	View dashboards. Required for read and write access.
read:filter:jira	Granular	View filters. Required for read and write access.
read:filter.column:jira	Granular	View filter columns. Required for read and write access.
read:group:jira	Granular	View user groups. Required for read and write access.
read:issue:jira	Granular	View issues. Required for read and write access.
write:issue:jira	Granular	Create and update issues. Required for write access.
delete:issue:jira	Granular	Delete issues. Required for write access.
read:issue-meta:jira	Granular	View issue meta. Required for read and write access.
read:attachment:jira	Granular	View issue attachments. Required for read and write access.
write:attachment:jira	Granular	Create and update issue attachments. Required for write access.
delete:attachment:jira	Granular	Delete issue attachments. Required for write access.
read:comment:jira	Granular	View issue comments. Required for read and write access.
write:comment:jira	Granular	Create and update issue comments. Required for write access.
delete:comment:jira	Granular	Delete issue comments. Required for write access.
read:comment.property:jira	Granular	View issue comment properties. Required for read and write access.
write:comment.property:jira	Granular	Create and update issue comment properties. Required for write access.
delete:comment.property:jira	Granular	Delete issue comment properties. Required for write access.
read:field:jira	Granular	View fields. Required for read and write access.
write:field:jira	Granular	Create and update fields. Required for write access.
read:field.option:jira	Granular	View field options. Required for read and write access.
read:field.options:jira	Granular	Read field options. Required for read and write access.
read:custom-field-contextual-configuration:jira	Granular	Read custom field contextual configurations. Required for read and write access.
write:custom-field-contextual-configuration:jira	Granular	Save custom field contextual configurations. Required for write access.
read:field-configuration:jira	Granular	Read field configurations. Required for read and write access.
write:field-configuration:jira	Granular	Save field configurations. Required for write access.
read:issue-link:jira	Granular	View issue links. Required for read and write access.
read:issue-link-type:jira	Granular	View issue link types. Required for read and write access.
read:issue.property:jira	Granular	View issue properties. Required for read and write access.
read:priority:jira	Granular	View priorities. Required for read and write access.
read:resolution:jira	Granular	View resolutions. Required for read and write access.
read:issue-details:jira	Granular	View issue details. Required for read and write access.
read:issue-security-scheme:jira	Granular	View issue security schemes. Required for read and write access.
read:issue-type:jira	Granular	View issue types. Required for read and write access.
read:issue-type-scheme:jira	Granular	View issue type schemes. Required for read and write access.
read:issue-type.property:jira	Granular	View issue type properties. Required for read and write access.
read:issue.watcher:jira	Granular	View issue watchers. Required for read and write access.
read:issue-worklog:jira	Granular	View issue worklogs. Required for read and write access.
read:issue-field-values:jira	Granular	View issue field values. Required for read and write access.
read:issue-security-level:jira	Granular	View issue security levels. Required for read and write access.
read:issue-status:jira	Granular	View issue statuses. Required for read and write access.
read:issue.changelog:jira	Granular	View issue changelogs. Required for read and write access.
read:issue.transition:jira	Granular	View issue transitions. Required for read and write access.
delete:issue-type:jira	Granular	Delete issue types. Required for write access.
write:issue-type:jira	Granular	Create and update issue types. Required for write access.
read:user:jira	Granular	View users. Required for read and write access.
read:user.columns:jira	Granular	View user columns. Required for read and write access.
read:project:jira	Granular	View projects. Required for read and write access.
write:project:jira	Granular	Create and update projects. Required for write access.
delete:project:jira	Granular	Delete projects and their details, such as issue types, project lead, and avatars. Required for write access.
read:project-category:jira	Granular	View project categories. Required for read and write access.
read:project.component:jira	Granular	View project components. Required for read and write access.
write:project.component:jira	Granular	Create and update project components. Required for write access.
delete:project.component:jira	Granular	Delete project components. Required for write access.
read:project.property:jira	Granular	View project properties. Required for read and write access.
write:project.property:jira	Granular	Create and update project properties. Required for write access.
delete:project.property:jira	Granular	Delete project properties. Required for write access.
read:project-role:jira	Granular	View project roles. Required for read and write access.
write:project-role:jira	Granular	Create and update project roles. Required for write access.
delete:project-role:jira	Granular	Delete project roles. Required for write access.
read:project-version:jira	Granular	View project versions. Required for read and write access.
write:project-version:jira	Granular	Create and update project versions. Required for write access.
delete:project-version:jira	Granular	Delete project versions. Required for write access.
read:issue.time-tracking:jira	Granular	View issue time tracking. Required for read and write access.
write:issue.time-tracking:jira	Granular	Create and update issue time tracking. Required for write access.
read:user.property:jira	Granular	View user properties. Required for read and write access.
write:user.property:jira	Granular	Create and update user properties. Required for write access.
delete:user.property:jira	Granular	Delete user properties. Required for write access.
read:workflow:jira	Granular	View workflows. Required for read and write access.
read:workflow-scheme:jira	Granular	View workflow schemes. Required for read and write access.
read:status:jira	Granular	View statuses. Required for read and write access.
read:workflow.property:jira	Granular	View workflow properties. Required for read and write access.
read:project-type:jira	Granular	View project types. Required for read and write access.
read:project.email:jira	Granular	View project emails. Required for read and write access.
write:project.email:jira	Granular	Create and update project emails. Required for write access.
read:role:jira	Granular	View roles. Required for read and write access.
read:user-configuration:jira	Granular	View user configurations. Required for read and write access.
write:user-configuration:jira	Granular	Create and update user configurations. Required for write access.
delete:user-configuration:jira	Granular	Delete user configurations. Required for write access.
read:jql:jira	Granular	View JQL. Required for read and write access.
validate:jql:jira	Granular	Validate JQL. Required for read and write access.

Jira Data Center has one type of scopes as shown in the table below.


Scope	Description
READ	View projects and issues the user account can view, including any related items, such as dashboards, filters, attachments, or comments. Also view the user profile.
WRITE	Create, update, and delete projects and issues the user account can change, including any related items, such as dashboards, filters, attachments, or comments. Also change the user profile.
ADMIN	Perform most administrative functions on the entire Jira instance, excluding functions such as backups, imports, and infrastructure settings which are limited to system administrators.
SYSTEM_ADMIN	Perform all administrative functions on the entire Jira instance, including functions such as backups, imports, and infrastructure settings. Note: This scope is not utilized by CData Excel Add-In for Jira.

エンドポイントドメインについて

エンドポイントドメインとは、アプリケーションが認証、レコードの取得、その他の重要な操作を実行するために通信する必要がある特定のURL を指します。

これらのドメインを許可することで、アプリケーションとAPI 間のネットワークトラフィックがファイアウォールやセキュリティ設定によってブロックされることがなくなります。

Note： ほとんどのユーザーは特別な設定をする必要はありません。許可リストは通常、送信ネットワークトラフィックの制限など、厳格なセキュリティ対策が施された環境でのみ必要となります。

Jira に必要なエンドポイントドメイン