I’m working on implementing access control in Jira Service Management Assets where different teams should only be able to view specific object types within the same schema.
Requirement:
- HR team should only be able to view HR-related object types
- IT/Hardware team should only be able to view Hardware-related object types
- Users should not have visibility into object types outside their domain

Challenge:
Currently, permissions in Assets are applied at the schema level, not at the object type level, which means:
- If a user has access to a schema, they can view all object types within it
- There is no straightforward way to restrict visibility at a granular (object type) level

What I’m Exploring:
- Whether it’s possible to enforce object-type-level restrictions within a single schema
- Using AQL filters, roles, or object attributes to control visibility
- Alternative approaches like splitting object types into separate schemas

Looking for Suggestions On:
- Best practices for implementing team-based visibility in Assets
- Any scalable or secure workaround for object-level restrictions
- Real-world approaches others have used in similar scenarios

Would appreciate insights or recommendations from anyone who has implemented similar access control in Assets.
Object-level permissions can be done, but per object, so this is very time-consuming and error-prone.
Using multiple schemas is the solution I would use and recommend, as on schema level you can restrict groups based on admin, developer or viewer of a schema.
In essence, an Assets schema is a DB in a table; access on table level or row level in a table is possible, but it's an admin nightmare.
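
The difference between the two layouts discussed in this thread, as an added example that is not part of the original posts: a small Python model in which any role on a schema grants visibility of every object type in it, used to audit which groups can see object types outside their domain. The schema, group and object type names are constructed sample data, and the model does not call the Assets API.

```python
# Added illustration: models schema-level visibility as described in the thread.
# All schema, group and object type names below are constructed sample data.

def visible_types(group, schemas):
    """Object types a group can see: every type in any schema where it holds a role."""
    seen = set()
    for schema in schemas.values():
        if group in schema["roles"]:  # any schema role implies view access
            seen |= set(schema["object_types"])
    return seen

def audit(schemas, allowed):
    """Return {group: sorted object types it can see but that lie outside its domain}."""
    findings = {}
    for group, domain in allowed.items():
        extra = visible_types(group, schemas) - set(domain)
        if extra:
            findings[group] = sorted(extra)
    return findings

# Intended domain per team (the requirement from the question).
ALLOWED = {
    "hr-team": {"Employee", "Contract"},
    "it-team": {"Laptop", "Server"},
}

# Layout 1: one shared schema, both teams hold a role on it.
SINGLE = {
    "Company": {
        "object_types": ["Employee", "Contract", "Laptop", "Server"],
        "roles": {"hr-team": "viewer", "it-team": "viewer"},
    },
}

# Layout 2: one schema per domain, each team holds a role only on its own schema.
SPLIT = {
    "HR": {"object_types": ["Employee", "Contract"], "roles": {"hr-team": "viewer"}},
    "Hardware": {"object_types": ["Laptop", "Server"], "roles": {"it-team": "viewer"}},
}

if __name__ == "__main__":
    print("single schema:", audit(SINGLE, ALLOWED))
    print("split schemas:", audit(SPLIT, ALLOWED))
```

Running the same audit against an export of real schema role assignments also catches drift, such as a group later granted a role on a schema outside its domain.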