Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Restricting issue access for an employee of an organization in the portal

Felix Kruszinski
Felix Kruszinski
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 29, 2025

We have created several organizations in JSM and assigned all employees to their respective organizations. Is there a way to restrict a specific employee’s access in the portal?

So far, all employees within an organization can see all tickets created by that organization. The requirement would be, for example, that only the IT manager of the organization should be able to see all tickets.

Our problem is that not every employee should be able to see, for instance, the CEO’s tickets due to data protection reasons.

We have already disabled the notification function that sends an email to every employee when a ticket is created in the organization.

So far, I could only find information stating that this is not possible.

Answer
Watch
Like Be the first to like this
95 views

1 answer

0 votes
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 29, 2025

Hi @Felix Kruszinski 

Welcome to the community.

Issue Security can provide a solution for you.

create-security-levels-for-issues 

In relation to setting this up create an automation rule or rules, that will set issue level based on the customer creating the request.

This is not doable with the organization settings

View More Comments
Felix Kruszinski
Felix Kruszinski
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 29, 2025

Hey Marc

 

Thanks for your answers. Security Levels aren't working with the Organizations.

We have IT Responsibles who wanne see all Tickets, but Employees only there own. In this Configuration Security Level is nonsense.

While also unassign Customers from there Organization means, that we have no PrimaryKey and they disappear as ASSET from this Organization, cant assign there CI, etc.

 

So how it is possible, that we have Users assigned a Organization, also there Devices from the CMDB from SACM for Assetmanagement, for that we bought Jira Premium.

Also if Users from Company X are not assigned any Organization and some failure is in Workflows and/or Security Levels, they can see Tickets from any other User from Company Z. Security? Save of sensible Data?

Thanks
Felix and Rene - who are really scarred and wondering about this functionality in a ITSM (Smax and Servicenow having this Option...)

Like
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 29, 2025

Hi @Felix Kruszinski 

So JSM just doesn't have this option.

But your statement,

"Also if Users from Company X are not assigned any Organization and some failure is in Workflows and/or Security Levels, they can see Tickets from any other User from Company Z. Security? Save of sensible Data?"

Applies in any application, if certain information is not set on a ticket, workflows, automations, etc.. will not fix this.

As this point you describe

"Our problem is that not every employee should be able to see, for instance, the CEO’s tickets due to data protection reasons."

in fact is a Must Have functionality based on Risk, I wonder why JSM came up as a solution, as setting view restrictions on the portal based on a user position is not a functionality JSM processes?

 

Like
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 29, 2025

https://jira.atlassian.com/browse/JSDCLOUD-13159 

https://jira.atlassian.com/browse/JSDCLOUD-11764 

Like
Felix Kruszinski
Felix Kruszinski
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 29, 2025

Restrictions may for sensible Data in a Ticket? - If someone gets fired, you have to handle it through a Support Request which ONLY the IT Responsible (IT or HR) can see it.
In the current Jira Design/ Configuration every Employee can see the Ticket with the Person who will get fired soon.
Except, only the IT Responsible is part of the Organization and Employees who are part of the Organization (Assetmanagement! - you praise this in Jira Premium... that's why we purchased it) have to be revoked and be in a "CustomerPool" where also other Company Customers are located.

So there is by Design no Solution to MANAGE an Organization and Employees, as well as CI's inside of an Organization while ASSETManagement is a Part of ITSM but not in JSM?

I am right?

Like
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 29, 2025

Hi @Felix Kruszinski 

For this use Issue Security.

Based on the security level, the ticket can only be seen by the responsible based on the issue security level set.

You can even set this security level by default when the request is made. This is not related to the organization the customer belongs to.

I don't get your sentence:

"So there is by Design no Solution to MANAGING an Organization and Employees, aswell CI's inside of an Organization while ASSETManagemnt is a Part if ITSM but not in JSM?"

Issue Security has no relation to this.

If you set a security level on an issue, only the roles, groups, users and even jsm customer option, only set security level have access to the ticket

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security