Welcome to the Atlassian developer community @SteveGrubb,
When you start a new OAuth2 (we call it three-legged OAuth, or just 3LO) app, you are the only user who can authorize the app on any site (aka Jira Cloud instance). In that sense, your app starts in a “private” mode.
In order for other people to use that app, you will need to “distribute” the app. Pay special attention to the notes in that linked doc section:
- OAuth 2.0 (3LO) apps are installed on a per-user basis, so you’ll have to send the link to all the users you want to grant access to.
- Enabling sharing doesn’t make your app available on the Atlassian Marketplace. Although OAuth 2.0 (3LO) apps can be listed on the Atlassian Marketplace, they will appear as informational listings only, with limited Marketplace features.
The first bullet means there isn’t really any way to “install” your app into your site. Users must get the authorization URL from somewhere outside of Jira to start the authorization flow. If you only want people inside your company to access that flow, then make sure that URL is inside the firewall (or otherwise protected by your company’s identity and access management).
And, because you control that authorization URL, that’s why the 2nd bullet means that “distribution” isn’t the same as making it public. Effectively, “distribution” just means letting users other than you into the authorization flow.
I’m not sure where you are trying to “add Apps” with an OAuth URL but you don’t need anything other than 3LO authorization flow, then the client can start making API calls.