A pop-up survey could appear while you're here --curious what it's for? Click here to learn more!

×
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to Protect Sensitive Jira Fields Without Splitting Workflows

June 16, 2026

TL;DR

  • Jira permissions usually control access at the project or issue level, but sensitive data often lives in individual fields.

  • Common workarounds like separate projects, internal comments, hidden screens, or spreadsheets can create duplicated workflows and admin overhead.

  • Field-level security lets admins control who can view or edit specific custom fields inside the same Jira issue.

  • This is useful for HR, Legal, Finance, ITSM, and any team managing sensitive or regulated data in Jira.

  • Secure Custom Fields for Jira helps teams protect sensitive custom field values with view/edit permissions, masking, encryption, and audit logs for Jira CloudStart your 30-day free trial on the Atlassian Marketplace

 

Most Jira admins know how to control access at the project or issue level.

But there’s a common gap many teams run into:

What happens when only one or two fields on an issue are sensitive?

For example, the same Jira issue might contain general workflow information plus:

  • salary or performance data for HR
  • budget figures for Finance
  • privileged notes for Legal
  • credentials or internal diagnostics for ITSM

The usual workarounds are familiar: separate restricted projects, internal comments, hidden screens, or even offline spreadsheets.

They may work in the short term, but they can also create duplicated workflows, missing context, and extra admin maintenance.

That’s where field-level security can help.

Instead of splitting the workflow, admins can control who can view or edit specific custom fields inside the same Jira issue.

A few examples:

  • HR can restrict compensation fields.
  • Legal can protect settlement details or privileged notes.
  • Finance can limit access to budget data.
  • ITSM teams can hide credentials or escalation details from requesters.

For teams managing sensitive data in Jira, this can support a cleaner least-privilege model: users can still collaborate on the issue, while sensitive field values are only visible to the people who need them.

We built Secure Custom Fields for Jira to help teams protect sensitive custom field values without moving work into separate projects. It includes field-level view/edit permissions, masking, encryption, and audit logs for Jira Cloud, and is built on Atlassian Forge.

Curious how others are handling this today: are you using separate projects, internal comments, issue security, screen configurations, or another approach?

For anyone exploring this use case, here are a couple of helpful links:

 

Comment
Watch
Like # people like this
111 views

0 comments

Comment

Log in or Sign up to comment
Karl from Ricksoft

Karl from Ricksoft

About this author

1 accepted answer

11 total posts

View profile
groups-icon
App Central
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security