The truth on what "Runs On Atlassian" means

"The truth? You can't handle the truth. You enjoy the Atlassian App I provide, and then question the manner in which I provide it."

Well, actually, that's called security due-diligence, right? And it's one of the things a lot of businesses go through before they add new Jira or Confluence apps to their Atlassian Cloud environment. This process can be hugely complex (as there can be a lot of moving parts), but it is simplified when an app has the "Runs On Atlassian" badge.

What "Runs On Atlassian" means is that everything to do with the app is run, stored and processed entirely in Atlassian's environment alone. No data is being sent, passed through or processed outside of the Atlassian environment at any point. Customers even have the option to prevent logs from being shared with the app vendor.

In the case of "Runs On Atlassian" apps, as long as Security have signed off on using Atlassian Cloud, they have also signed off on "Runs On Atlassian" apps.

Unfortunately, not everything can be "Runs On Atlassian". For example, an app that interfaces with an external service, such as Google Drive or Figma or Quip, will be definition not be a Runs On Atlassian app as it has egress, i.e. it needs to talk to the external service.

An example is our Quip Integration for Confluence Cloud app, which needs to talk to Quip of course.

For apps that are not "Runs On Atlassian" security due diligence with the vendor may still be required. But if an app is "Runs On Atlassian", then you can rest assured that Security have already signed off on its usage by signing off on Atlassian Cloud.