It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

API responses suddenly missing emailAddress field Edited

I’m using the ‘Get users in organization’ method in the servicedesk API as documented here. (although the same goes for any other method that should, according to the docs, return e-mail addresses)

The example result shows a field emailAddress, however this field is missing in the response I get from this method.

As suggested elsewhere I checked the global setting User email visibility which is set to Logged in users only but the results are the same when set to public.

The user I’m connecting with also has the Browse users and groups permission.

Somehow the emailAddress field went missing in all API calls in the last few days suggesting it is because of some setting that was changed but I can’t figure out what setting is responsible for this.

Can anyone give me insight in why this field is (suddenly) missing from my API results? (and on how to get it back since its vital to our synchronization logic)

TL;DR answer

The missing field(s) are by design; it's not a bug but a choice made to comply with GDPR. Individual users can choose to disclose their email through the API but this means some will and some wont. A new API will be added in the future where you can get a list of all e-mails, however this requires whitelisting of your application. If this change breaks your code, then the only solution is to change the logic OR use the new API (when its available) OR have all your users disclose their email. For more information, see the links in the official answer below.

6 answers

1 accepted

1 vote
Answer accepted


This change is related to:


More details about this change have been shared in the developers community:


Please review above 2 threads in and add your questions to there, if any.



Is the "new profile visibility controls" section available yet? We are not able to find that screen anywhere.

So at this point, is there no way to get the email address unless the email API access request is approved ? 

Hi @AIO_Support ,

I can see that this question has already been answered in the support ticket you have created for this issue:

[...] we’re gonna add (in a few days) a flip switch for each user to choose the visibility of their email address. [...]

Also, if this is very urgent for you and you need to have a workaround applied, I have been told that there should be a way to temporary disable this, even if it is not advisable. Please discuss this option with the support engineer handling your ticket since if you really cannot wait. 

I hope this helps.



Thanks. Really wish that the new controls were already in place before removing the email address. There must be a good reason to hastily remove the email address without providing the associated screens with it.

Like Dario Bonotto likes this

You may want to provide this feedback to the developers community threads announcing this change.

We are facing the same issue. Causing an outage for us in production.

I have the same problem, synchronization with other system is not working anymore due to the issue.

@Roel Abspoel @BlueAnt 


Are you getting any response from Atlassian support on this issue? We are having a hard time getting any meaningful response.


Do you have any update from Atlassian on the issue?


No, we're working on a workaround instead.

@George Skryl Can you please provide us some details of the workaround? It will be hugely helpful to us.

@AIO_Support It really depends on your case. We were using emailAddress to link user accounts between JIRA and our system. After some research we decided to replace it by Atlassian Account ID. You can find more here I hope this would help.

We're having the same problem for an internal use-case. Is there a timeline on when the new profile controls will be rolled out?

Having exactly the same issue with missing 'emailAddress' value as others in this thread.  

This has become an outage situation (yet another from jira)

The links provided by Dario Bonotto do not help, and only add more questions. 

In short: the missing field(s) are per design to comply with GDPR. So the fields are gone and will remain gone. Users will be able to allow you to use the fields, however this is per user so might not be useful for everyone. (if you synch users then you need ALL emailAddresses, not just some)


There will be a new API that allows you to get the addresses, however you will have to get white listed for it. (Your app needs to comply to GDPR basically)


In all other cases you will need to find a new way to do what you want to do. We are now experimenting with account Id's instead which is a pain but for now should work. But miles may vary depending on needs.


I think that even though it was communicated it was done in a poor fashion; at least put this information in the API documentation since that is the goto source for all developers. But it is what it is I guess ;)

Like # people like this

Thanks for taking the time to write down this answer @Roel Abspoel !

Also, I will share your feedback with the team taking care of the REST API documentation. 

Have a nice day

Like Roel Abspoel likes this

Yes, thank  you @Roel Abspoel for the concise explanation.  

"the fields are gone and will remain gone"

"need to comply to GDPR for whitelist api"

"communicated in a poor fashion".  

This gives a direction for how to fix - re-code.  The emailAddress was the only link we had between jira and our local system for matching up users, so now we need to figure out something else - during the outage this caused.  

I'm still waiting for Jira support to get back with me, and hopefully confirm this info.  

@Ed LeBlanc 

I see you have a ticket open with Jira Support on this but, as written on the bottom of the Guidelines for Testing Profile Visibility Controls thread, it would be best to open your  request with the Developers Support team instead:

Raising issues with Atlassian


I hope this helps.



Also, @Roel Abspoel @Ed LeBlanc @AIO_Support ,


Please notice that this change has been actually announced in different places and emails have been sent to all the admins:


Also, as advised, we are now adding all the relevant documentation to the REST API pages. This is now mentioned on the top of the already provided threads in the developers community:

Note: These guidelines are still being drafted and when finalized will be published in our developer documentation. This information is subject to change. We wanted to get this information to you as soon as possible, even in draft state, to help better prepare you for testing.


Finally, be also aware of the below bugs when handling non-managed users that have just been reported:



@Dario Bonotto Is the new Privacy screen available yet?


Apologies for late reply, I am just back from vacation.

However, the Profile Visibility Settings screen is already available since couple of days after this thread was started.

Can you kindly confirm you can see it? 


Also, since this can be useful to you and other users as well, please find below summarized the expected behavior for each setting:


  • anything set to public will always be visible regardless of the type or caller or the authentication method
  • anything set to the user's organisation will be visible to:
    • users in the UI
    • users doing rest calls authenticating as themselves
    • it won't be visible to connect apps*
    • it won't be visible in webhooks (since they are not authenticated)
  • anything set to "only me and admins" will be visible to:
    • the user when they request themselves (apart from connect apps*)
    • in the user management UI ( it will be visible to admins in the user list (but nowhere else)
    • if its a managed account it might also be accessible to admins through the identity user managment api (not to be confused with the Jira REST API, this is a different  one): 
  • customer accounts email will be visibile:
    • to agents in the UI on profile cards
    • to agents in places using user search APIs inside Jira (there is no clearcut rule for which places it is), including the user search REST API, but not the user lookup API
    • it should be visible to all agents everywhere (apart from connect apps*)

* connect apps can apply through ecosystem to use some special api endpoints to get email regardless of privacy settings. This has to be approved by legal and is only for apps in specific use cases




Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira Service Desk

How has Jira Service Desk increased productivity in your org?

Hi Jira Service Desk community, Atlassian is on a mission to unleash the potential of all teams, and we know that tools are just one piece of that puzzle. With Jira Service Desk, we have productiv...

219 views 0 3
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you