Assignee or reporter can't see issue with issue security scheme set


I've created 'Assignee, Reporter and Developers' issue security scheme with 'Current assignee', 'Project Role (Developers)' and 'Reporter' groups to be allowed to see the issues (based on guide)

User is able to create issue but can't see the issue afterwards (whether he is assignee or not) unless I add user to Developers group. 

User is added to Users role for the project (via group). 

Even if I add user (as a Single User) to Security Scheme he still can't access the issue.

Thanks in advance,



2 answers

Is the user definitly part of a group or role that gives them the 'Browse projects' permission for the project in question?

You mention a 'Users' role for the project, but it's possible this only grants people permission to create issues, but not browse the project.

If you set security level on a particular issue to 'none', can the user see it?

Hi Sam,

Thanks you for your answer.

1) No he is not given access to Browse projects. As there is absolutely no point in having Security scheme if user is given access to Browse Projects.

If I add user permission to Browse projects he is able to see All issues in the project regardless of security scheme/assignee/reporter (and I want to restrict internal issues from the client)

Related issues:


2) No, even if I set security level on a particular issue to 'none' user still can't see it.



If you don't give 'Browse projects' somehow, then the user will never be able to see any issues in the project. That's why they can't even see the issues with with no securty level set.

'Browse projects' is the basic permission anyone needs to see an issue within the project. 

Then you use the issue security scheme on top of that to restrict the visibity of specific (or all) issues.

You can avoid those bugs you linked, because you don't need to grant the 'Browse projects' permission to 'Reporter' or 'Current Assignee'.

Instead, grant 'Browse projects' to your 'Users' role. 

To keep your issues secure, make sure all issues get your 'Assignee, Reporter and Developers' security level. Make it the default security level and bulk change any existing issues to set it.

That way, people in your 'Users' role will be able to browse the project, but they will only be able see the issues when they meet the conditions of the security level set on each issue. 

Making sure every issue has 'Assignee, Reporter and Developers' level set will stop your non-developer users from seeing all issues.

Essentially, what I'm decsribing there is the workaround given in both the bugs.

Looks like I messed it myself.

When originally set all the permissions I haven't updated the security level for older issues so that's why I could still see those with this restricted user. Done bulk update and now it works as expected.

Thanks for helping me to sort out this!

Best regards,

Ah right. I think i see what happened:

You orginally had given the 'Users' role 'Browse projects', but saw that they could see older issues, so took it away.

But 'Browse projects' wasn't the cause, it was that the old issues didn't have security level set.

So the fix was:

  • Give 'Users' role back 'Browse projects'
  • Bulk change old issues to set correct security level

Is that right? Worth confirming if you can, in case if helps someone else with the same problem.

Yes, that's exactly what happened and how it was fixed!


Also the default security level should have been set to new issues:

1. Choose [cog]> Issues.
2. Select Issue Security Schemes to open the Issue Security Schemes page.
3. Click the scheme name, or the Security Levels link in the Operations column, to open the Edit Issue Security Levels page.
a) To set the default security level, locate the appropriate Security Level and click Default in the Operations row.


Awesome : ) Glad to help.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Wednesday in Jira

Make your Atlassian Cloud products more secure: our NEW admin security guide

Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...

131 views 0 6
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you