What happens when installed apps access third-party websites?
Marketplace, custom and other third-party apps can be installed to further extend the abilities of your Atlassian cloud app. It’s important for you to be aware of certain security risks when these installed apps access third-party websites.
Share data with domains outside of Atlassian
An installed app may attempt to share data with or fetch data from outside Atlassian cloud, as part of its functionality. When using the installed app for the first time, users will see a message like the one below.
The message shows what the installed app can do on behalf of the user, as well as the external domains that the installed app may share data with or fetch data from.
Access to external websites
An installed app may attempt to send users to external websites as part of its functionality. If an installed app tries to access a URL that isn’t known to the product, a warning message like the one below may appear:
Users must be sure that they trust the external website because the installed app may share data with it. When users are on external websites, they’re no longer accessing Atlassian cloud, and Atlassian cannot guarantee the security of such websites.
Prevent sharing of sensitive information
Users must refrain from sharing their credentials or any personal data when using Marketplace, custom, third-party, or any other other installed apps with Atlassian cloud apps.
Was this helpful?