Community Announcements have moved! To stay up to date, please join the new Community Announcements group today. Learn more

×
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is it a bug or a feature that adding worklog in REST API ignores the author in the POST body?

Stephen Trigg
Stephen Trigg
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
July 16, 2018

As part of a migration from Clearquest to JIRA, we're attempting to retain time entries logged against issues for specific users.

When adding worklog entries through REST API, the author and update author JSON data structures are ignored and the authenticated user details are used instead.

Is that by design or by flaw? I can imagine it being prevented by default as a security issue - in which case, is there a way to enable it?

 

 

Answer
Watch
Like Be the first to like this
503 views

1 answer

0 votes
Andy Heinzer
Andy Heinzer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 17, 2018

Hi Stephen,

This is a known limitation within Jira at the moment.  I would recommend checking out this suggestion (feature request) https://jira.atlassian.com/browse/JRASERVER-30197

There is another issue connected to that in that connect project, however this only appears to apply to the Connect framework which works for Jira Cloud, but not Jira Server.

I suspect that there is an element of design to the way this is implemented in Jira.  There are certainly security concerns with allowing users to impersonate others in regards to actions taken.  

From researching this a bit, it looks like there is a marketplace plugin that allows you to impersonate REST actions as other users, perhaps the Sudo for Jira plugin might help in this case.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security