How i can add a user to a specified group by Jira Automation (Jira, Crowd)?

@Arkadiusz Wroblewski Thank you for you attention!

1) Confirm it’s a node/cache problem (DC)

I haven't multiple Jira nodes. My Jira don't clusterising

2) Force the directory/group refresh after automation

When i run a directory sync for the user directory this not make the new membership “visible”, i tried it.

3) Check Crowd authorization caching

Are  TTL and Synchronisation Interval (minutes) same? Synchronisation Interval = 60 minutes now.

4) Flush Jira caches 

How i can flush cahes by the Scrupt runner?

 And i know something intresting now: user can see issue from direct link (but don't see this issue on Project -> Kanban Board, and don't see on Project -> Issues).

@Mari Pervushina 

the detail “user can open the issue via direct link, but can’t see it in Boards / Issue Navigator / Project → Issues” is the key clue. That usually means permissions are already OK, but search/board results are stale.

Direct issue view can be loaded directly, while Boards + Issue Navigator depend on the Lucene index. If the index hasn’t caught up with the new group membership, the issue won’t appear in search/boards until index/caches refresh.

TTL vs Synchronisation Interval (Crowd)

No  these are different:

Synchronisation interval (e.g. 60 minutes) = how often Crowd syncs directory data (users/groups).

Authorization caching / TTL (if enabled) = how long membership/permission decisions can be cached before they’re re-evaluated.

So “Sync = 60” does not guarantee immediate visibility changes.

What to do next (Order are important)

Re-index
Administration → System → Indexing → run Background re-index.
If it still doesn’t show, run a Full re-index (more disruptive).

Flush Jira caches (no ScriptRunner)
If you have it: Administration → System → Cache management → flush caches related to users/groups/permissions.
If you don’t have that UI (or it’s locked down), on a single-node system the practical equivalent is a Jira restart.

One extra gotcha:

Even with correct permissions, the issue can still be excluded by the board filter JQL (or quick filters). But since it’s also missing from Project → Issues, index/caching is the first thing to fix.

Unfortunatly, the solution with re-index and stuff doesn't suit me. since you need to add a user to the group periodically and at the same time update the security scheme. It is currently unclear how to trigger the security schema update event, and there may be a problem with it. If you manually change the security scheme or the security level of the project (add or remove a group), this also leads to an update.

@Mari Pervushina 

If this must run periodically, then re-index/restart indeed isn’t an operational solution.

There is also no supported “security scheme refresh event” you can trigger via Automation/REST to make Jira immediately re-evaluate visibility after a group membership change.

What you’re seeing is caching behavior:

POST /rest/api/2/group/user updates the membership (you see it in user management).

Jira doesn’t instantly refresh all permission/search layers.

Changing the Issue Security Scheme / security level in the UI forces an internal refresh, so it “wakes up”. That’s a side effect of the admin action, not an event you can reliably call from automation.

If you need this to work repeatedly, the sustainable options are:

Tune/disable authorization caching on the Crowd side for the Jira application (sync interval is not the same thing).

Or change the access model so you don’t rely on frequent directory group changes for issue visibility (e.g., project roles / user-based security where possible).

Toggling the security scheme just to force refresh will work sometimes, but it’s risky and noisy long-term.