We started rolling out fine-grained scopes:
You originally tagged this topic with Atlassian Connect, so this change would come with a “double cost” of first moving to Forge and hopefully adopting the newer, more fine-grained scopes as you do so. To be clear, this is granular but not dynamic.
The only discussions I’ve had about “dynamic scopes” have been about the other direction: ratcheting upwards. An app might install with the least set of scopes that it needs to run, and could incrementally ask for more scopes as it is configured or used for more things. The advantage of “ratchet up” would be the existing UI is already about adding scopes through an authorization flow. Anything that would give power to revoke scopes would require new UI. All that said, there are no plans or commitments for this. I don’t think our engineering teams don’t see the cost/benefit playing out, given that we have yet to complete granular scopes and app access narrowing. And, once we complete, we need to let those propagate into apps before we can see if they are solving the customer problems.
My intent here is just to make sure existing plans are clear. There’s plenty of room left for exploration and discussion.