Confluence Cloud now supports 3-legged Auth (3LO)

We are happy to announce that Confluence Cloud now supports 3LO (3-legged auth or OAuth 2.0). With this, developers can now allow external applications and services to access Confluence APIs on a user’s behalf. For example, if a user has granted a Gmail app access to Confluence Cloud, via OAuth 2.0 (3LO), then that app can interact with Confluence content (for example, pages, blog posts, comments, etc.). This provides the user the power to be in more control of what the app can access from Confluence. Please find more information here.


Get started

We encourage developers to create their own 3LO app and see how it all works. To get started, try the 3LO test app. It has details on how to register a new 3LO app in DAC, how to add Confluence, Jira and JSD APIs and various other details required for building your own 3LO app for Atlassian.


Awesome news! Is there an eta on when these will be coming out of beta so we can use them for production?

Good News! Eagerly waiting for this to use it. :innocent::innocent:

Hey guys, it is in prod now. You can use it today


Hi @sluthra! Any update on the 3LO Apps, when will they go out of beta? Any roadmap or further information if this is more a Gmail-style-Beta (ready to use) or not?

@LukasGotter hey just an FYI @sluthra left Atlassian a while ago. @ElaineH is the new Confluence Cloud Ecosystem PM.

3LO has been GA for 2 years now (when this was announced in this thread). Is there somewhere that is causing you to pause and think it’s still in Beta? I’d like to fix that if it’s still saying that somewhere.

As far as roadmaps are concerned there is nothing on the horizon that I’m aware of.

1 Like

Hi @rwhitbeck!
Thanks for the heads-up!

Also good to know that 3LO is not in beta anymore.

This info is still shown in the developer console. Is it outdated?

Furthermore, we are facing an end-user warning message that the app “has not been approved”, which suddenly appeared (and now disappeared again). See here.



@LukasGotter - that end-user warning has already been confirmed to be a bug in another thread:


The 3LO beta graduation seems to be an A/B test, still rolling out, or an opt-in for your account, I still have the ‘COMING SOON’ experience:


@LukasGotter, @rwhitbeck and @sopel, as Ralph mentioned, 3LO has been GA for 2 years now, but we haven’t removed the beta tag yet. Recently we have been exploring the opportunity to remove the approval process because this has caused frustration in the past when the backlog of apps got too long. In order to remove the approval process, however, a certain privacy notice needs to be implemented for apps that have not been listed on the Marketplace. The glitch that was observed couple of weeks ago was a result of one of our teams working on it.

While I can’t confirm a timeframe from the removal of approval process (including the ‘coming soon’ tag), I can confirm that this is the intent and we are working towards this.

Hope this makes sense.



1 Like

Hi, may I bring this topic to your attention? Requesting additional scopes for 3LO App / "Log in with Atlassian" - Any way we can realise a simple “Login with Atlassian” vs. always asking for all needed permissions?