{"changes":[{"id":"001-add-required-scope-write-issues","category":"oauth-add-scope","severity":"breaking","versionBump":"major","description":"Require \"write:issues\" in addition to \"read:issues\" at /authorize. Existing OAuth installations that only requested \"read:issues\" will get redirected with error=insufficient_scope.","applied":false},{"id":"002-tighten-token-validation","category":"oauth-tighten-token-validation","severity":"breaking","versionBump":"major","description":"Issue and require JWT-shaped access tokens (3 dot-separated base64 segments) instead of opaque ones. Existing consumers that cached an opaque token will 401 against /rest/v3/*.","applied":false},{"id":"003-require-summary-on-create-issue","category":"add-required-field","severity":"breaking","versionBump":"major","description":"Make \"summary\" required on POST /rest/v3/issues body (was optional). Existing consumers omitting it will fail body validation.","applied":false}]}