Recoup audits every seat across Jira, Confluence, JSM, and JPD. It finds the inactive accounts, the products no one's using, the JPD Creator seats sitting idle — and tells you exactly how much money is on the table. In dollars. Every scan.
Built for enterprises on the full Atlassian stack. The bigger your suite, the more we find.
Recoup ships as a Forge app — installs inside Jira, opens in the top nav, runs against your real Atlassian org. Here are the three screens you'll live in.
1
Headline savings, every time.
One number every finance lead understands.
2
Four waste categories.
Click any card to drill into the users behind it.
3
Ranked recommendations.
Sorted by dollar impact — work the top of the list first.
1
Activity per product.
See which products are actually used and which aren't — the source of mismatch savings.
2
The recommendation, in dollars.
Plain language, full reasoning, no jargon.
3
Reversible by design.
Reclaiming a seat removes the user from their mapped Jira access group — fully reversible with one-click Add back. Mark as service account is one-click too. Reclaim requires a typed reason.
1
CSV export.
Australian-formatted dates, every column finance needs.
2
Failures recorded too.
Refused reclaims are audited as transparently as successful ones.
3
Free-form reason on every action.
Required and immutable. Security review writes itself.
Most license-cleanup tools count inactive logins and stop there. Recoup looks at every drawer at once and tells finance the total.
An average org carries 7% of users who haven't touched any Atlassian product for more than 90 days. They're not the obvious leavers — they're the ones HR offboarded but IT never disabled.
Multi-product seats where one product is dormant. The cleanest win in license optimisation — and one no inactive-user counter ever surfaces. The bigger your Atlassian stack, the more of this Recoup finds.
Jira Product Discovery's Creator tier is $10/mo per seat. Contributor is free. Highest per-seat reclaim Recoup detects — and uniquely available only when JPD is in your suite.
Recoup is a Forge app — it installs from the Atlassian Marketplace and runs entirely inside your Atlassian Cloud. Here is the full setup and how to use it day to day.
A conservative model based on patterns Recoup detects in customer scans. Move the slider — the receipt updates.
Conservative model: 7% inactive (60% Jira-only · 40% multi-product) · 12% Confluence mismatch on multi-product orgs · 2% wasted JPD Creator seats when JPD is in use. Real customer savings are usually higher.
Every license-cleanup tool gets bots wrong. Some admin cuts off a "stale" account, three integrations break, three teams lose half a day. Recoup catches it before you click — including when you're acting on fifty users at once. And every seat action is a reversible group change, not a delete: one click to Add back. Nothing leaves your Atlassian tenancy.
Recoup re-audits every seat on a schedule and parks each reclaimable one in a single queue — but it never removes a soul. Review the list, keep anyone you want with one click, clear the rest with one more. The app detects; a human approves. Always.
Zero data egress. No third-party services. No AI vendor. Hosted by Atlassian Forge, encrypted at rest, no telemetry, immutable audit log. Nothing destructive — every seat action is a reversible Jira access-group change. The security review writes itself.
Recoup never deletes, suspends, or hard-deactivates accounts. Unused Jira/JSM seats are reclaimed by removing the user from their mapped access-control group — Atlassian stops billing them — and any user is back in one click with Add back. Identity and SSO untouched.
Every function call and storage write stays inside Atlassian's network. No third-party SaaS, no AI vendor, no shadow IT, no data leaving your region.
Recoup never asks for an Atlassian API token or password. It runs entirely on Forge-granted access (asApp / asUser) — there are no app-held credentials to leak.
Every action a Recoup admin takes is recorded with full before/after diff. CSV export, ISO + local timezone, designed for finance reviews.
No analytics provider, no error reporting, no marketing pixels. Cookies belong to Atlassian, not us. Read the privacy policy.
The average Recoup customer reclaims about 25× the subscription cost in the first scan. Cancel any time, no rugpulls.
No credit card. Atlassian volume discounts apply automatically: ~20% off at 100+ seats, ~35% off at 500+. For 5,000+ seats or annual prepay, talk to us.
If your security team or CFO has a question that isn't here, email support@taskhooker.com — answers usually inside a few hours.
Stays inside your Atlassian site. Recoup runs entirely on Forge, Atlassian's hosted app platform — every function call executes in Atlassian's runtime, every storage write goes to Forge KVS (AES-256 at rest, inside your Atlassian site). We operate no third-party servers.
No. Recoup runs entirely on Forge and reads your data only through Atlassian's own product APIs (asApp() / asUser()). The single Atlassian endpoint it calls, api.atlassian.com, is Atlassian's own service and is used only for the required end-user personal-data report — authenticated by Forge, with no credentials supplied by you. No third-party services, no AI vendor, no telemetry. End-User Data never leaves Atlassian's infrastructure.
No. Recoup collects no Atlassian credentials of any kind. It reads users and last activity through Forge's built-in app access (asApp()) and reclaims seats as the signed-in admin (asUser()) — both granted by the scopes you approve at install. There is nothing to paste, rotate, or revoke.
By design, it doesn't. Any account Recoup's rule-based detection flags as a likely service, bot, or integration account is excluded from reclaim recommendations and surfaced as "review" instead. If you do manually reclaim one anyway, the confirmation modal warns you with the detection reasoning and you must type a reason that's recorded in the audit log — and because the reclaim is a fully reversible group-membership change, one-click Add back puts the account straight back in its access group. Recoup never deletes, suspends, or hard-deactivates accounts; identity and SSO are untouched.
Yes — bulk reclaim access is capped at 50 users per action to keep things reviewable. Reclaiming a seat removes the user from the Jira/JSM access group you mapped to that product in Settings, so Atlassian stops billing them; it is fully reversible with one-click Add back and never deletes, suspends, or hard-deactivates the account. Before you confirm, the modal shows a full preview of which users will be acted on and which are excluded (and why) — org admins, allowlisted service accounts, rule-flagged bots, and your own account are filtered server-side, not just client-side. Confluence product-mismatch and JPD Creator findings are insights-only for now — Recoup shows the dollar value and you right-size those in admin.atlassian.com. Every attempt — success, skip, or failure — generates its own audit entry.
Yes — instantly. Every reclaimed user has a one-click Add back in Recoup that re-adds them to the same Jira access group(s) immediately. Reclaim is the reversible, safe direction by design: Atlassian stops billing a reclaimed seat, and Add back brings the user back with identity and SSO untouched. No trip to your IAM console required.
No — and there's no code path for it to. Recoup re-scans on a schedule (read-only) and queues reclaimable seats, but nothing is removed until an admin opens the queue and clicks approve. The app detects; a human decides — always. Every approval, and every account you choose to keep, is written to the immutable audit log, and every reclaim is a reversible group change you can undo with one-click Add back.
Yes — and Premium/Enterprise customers get the richer experience because their managed users (verified domain via Atlassian Access) return full last_active per product. Recoup detects this automatically and uses the richer data path.
Install Recoup from the Atlassian Marketplace. First scan in under a minute. Cancel any time.
Listing pending Atlassian review — early access by email request.