Change notice - Changes to installation of a local app on Atlassian Cloud products

Atlassian products will no longer allow installation of a local app in development mode at “Manage apps“ page, which uses the same key as an installed Atlassian Marketplace app. When this is attempted the install will fail with the following message:

Why this change?

This change has been put in place to prevent any user or admin confusion between locally installed apps and apps installed from Atlassian Marketplace.

What’s the alternative?

If you are an app developer, this may affect your development process. You will now need to use a separate instance to undertake testing with a local version of your app.


Is this per app?
Can I mix app A from Marketplace and app B from non-Marketplace URL on an instance?

1 Like
  • If we’ve uninstalled the Marketplace app, can it install our local version of the app?
  • If not, then that means UPM stores the list of once-installed Marketplace apps in the database, is it correct?
1 Like

Should we continue to expect changes to be launched without any warning moving forwards?


@boris - I don’t have all of the details, but from what I can glean, this change was made to address security issues/concerns. Apologies for any inconveniences that this may cause you.

1 Like
  • Local version of your app won’t work in that case. The error shown in above snapshot will be thrown.
  • Let me confirm with our team on whether UPM stores that data.

We found a security bug recently and that’s why this fix had to be made immediately.

1 Like

Great to hear that Atlassian is responding to security incidents this quickly.

However, I know that at least for our team, we don’t have a good understanding around policies relating to Cloud API and general Cloud system changes. Is there a doc I have overlooked? If there isn’t, does Atlassian have plans to / a timeline to publish any such document?

1 Like

Yes, this applies per-app. You can mix marketplace and non-marketplace apps within an instance

1 Like

Is there any way to have quick reboot for the environments? basically we have env named “” and “” and both are out now. We can create new environments but can you free up the names quick enough? Its a bit too quick change atm. Any suggestions for workarounds that would affect vendors least?


Hi @boris

You can have a look at Atlassian’s REST API policy, which states that,

The behaviour of an API may change without warning if the existing behaviour is incorrect or constitutes a security vulnerability.

In general, we do endeavour to give vendors notice of changes which affect dev loops. In certain circumstances, however, especially in the area of security, we may need to make changes without notice.



It would be interesting to read what the vulnerability was, since it’s fixed.

The lack of communication regarding this change is disappointing (I second @boris) and caused a few of our developers to encounter a jarring experience when testing the upgrade procedure of some Cloud Apps :face_with_monocle:.

It’s worth noting you can still install your Production App and Test App on the same system, as long as you do it from the ‘Install from URL’ option, not the Marketplace (or emcee) :smiley:.

As far as a ‘security vulnerability’ - this bug or feature, depending on how you look at it, has been in the Atlassian Cloud since I can remember, so the urgency of the change (without any warning) is lost on me - but given past experience, it’s not surprising :cold_face:.



So I was looking for a way to reuse a fresh instance of Jira, to test apps installation process. I have created new site, did a backup, then installed our app, everything worked fine. Then I decided to clean the site by importing a backup. I was prompted to choose whether users should be overwritten or merged. I chose “merge”.

Backup was successful, however it is impossible to install the app now.

Is it a known problem? Do you have any other ideas how to clean a Jira instance for testing purposes?

1 Like

I have also tried a backup with an option to override users, it also doesn’t work. This worries me, because if I can’t do a backup, then our customers probably also have problems with apps after doing a backup

1 Like

Installing any app from the marketplace also doesn’t work, but I guess I will create support ticket for this, because this thread may be not appropriate

1 Like

It would be nice if turning on development mode popped an info dialog:

Manage apps --> Settings --> Enable development mode

The dialog could say something like this:
Note! For your security: If you install an app from the Marketplace then you cannot upload a local version of that app. Once the Marketplace is installed then local versions are forever prohibited even if the Markeplace version is uninstalled.

The point at which we enable development mode is the perfect place to document this limitation, IMO. I just learned about this feature the hard way and now I have multiple dev instances when a single one would have sufficed.


I literally have to keep spinning up confluence cloud instances when I’m developing our application, since the marketplace always ends up auto updating our json file. It’s a waste of resources for Atlassian, and wastes our time too.


I’ve just run into this issue as well. I understand that having both a Marketplace version and a local version would cause confusion. However, installing a Marketplace version even once has stopped me using a local version permanently.

Dev instances are all about trying new things and being unafraid to break things. As a developer, I want to be able to reset this.


This is a big issue when it comes to the ACCESS_EMAIL_ADDRESSES scope that is granted by Atlassian to a SINGLE APP KEY. We cannot test our changes in our Jira account now because we installed the PROD addon at some point. Do we have to go a get approval/whitelist for additional app keys? That is really annoying. Any solutions or ways to ‘reset’?



Although we were aware of this change when it was introduced last year, one of our developers has just managed to accidentally brick our company’s primary staging instance.

As part of a database migration (Postgres 10.x -> 12.x), the developer was tasked with testing the uninstall/install flows for our app to ensure that no issues were introduced with the new database version.

The developer uninstalled an app from our staging instance that had been installed from a URL, but instead of reinstalling from a URL they accidentally installed from the Marketplace. After realising their mistake, they immediately uninstalled the Marketplace version and tried to reinstall from a URL…and then hit this issue.

Is there really no way to reverse this innocent mistake? Do we really have to burn our entire staging instance to the ground now (that we’ve been using for many years) and replace it with a fresh instance?

It seems like such a severe penalty for what is a very easy mistake to make.