I'm trying to setup a Ruby bot which will send direct message to issue reporter when the issue changed to certain states (`waiting for reporter`) . To send Slack DM I need to match reporters slackID with their email address - is there any chance to get reporter email address using Jira webhook to get this info in JSON which comes in a response?
Hi @maciej.wicher ,
Welcome to the Atlassian Community!
You can find the answer to your question many existing threads, including the below ones:
However, in order to summarize:
This behavior is related to the introduction of the Profile and Visibility settings:
This change was needed in order to comply with GDPR and, as a result, you can or cannot see user emails depending on how they configured their profile visibility settings.
Guidelines for developers are available in the below threads in the developers community:
Below you find the expected behavior for each setting:
- anything set to public will always be visible regardless of the type or caller or the authentication method
- anything set to the user's organisation will be visible to:
- users in the UI
- users doing rest calls authenticating as themselves
- it won't be visible to connect apps*
- it won't be visible in webhooks (since they are not authenticated)
- anything set to "only me and admins" will be visible to:
- the user when they request themselves (apart from connect apps*)
- in the user management UI (admin.atlassian.com) it will be visible to admins in the user list (but nowhere else)
- if its a managed account it might also be accessible to admins through the identity user managment api (not to be confused with the Jira REST API, this is a different one): https://developer.atlassian.com/cloud/admin/user-management/rest/#auth
- customer accounts email will be visibile:
- to agents in the UI on profile cards
- to agents in places using user search APIs inside Jira (there is no clearcut rule for which places it is), including the user search REST API, but not the user lookup API
- it should be visible to all agents everywhere (apart from connect apps*)
* connect apps can apply through ecosystem to use some special api endpoints to get email regardless of privacy settings. This has to be approved by legal and is only for apps in specific use cases
I hope this helps.