How to allow a user to see specific tickets w/o issue security

If you don't want to use Issue security to restrict users to see tickets and also don't want all your users to see all tickets available in Jira, this article will help you achieve this.

By simply adding a user picker custom field in the permission "Browse Project" you can choose the ticket and the user that you want to share with.

 

1 - Create a custom field with the type "User Picker (multiple users)" and add to the project screen.

Screenshot 2018-08-14_17-26-20.png

2 - Go to the Project settings > Permission and add the custom field on Browse projects > User custom field value > Grant.

Screenshot 2018-08-14_17-28-51.png

Screenshot 2018-08-14_17-29-15.png

3 - Go to the ticket that you want to share with this user and click on Admin > Add field.

4 - After clicking on Edit field, on the next screen, you will type the users' name and Submit.

Screenshot 2018-08-14_15-14-47.png

Screenshot 2018-08-14_15-15-03.png

NOTES

  • Users must be added to the default group of the desired product, it means that they will count as a licensed one.
  • Users added to this field will be able to see all projects, but not the issues. They will only see the issue if you add their name.
  • If you want the user to comment on the ticket, then just add the same custom field on "Add Comments" permission as well.

 

Update:

With the recent changes in Jira regarding the New issue view, the option "Edit field" is not available anymore.

Now, it will be necessary to add the field to the view/edit screen and it will be visible on all tickets, it will not be possible to select only on a specific ticket.

Please, go to Project settings > Screens > Click on Screen Shot 2021-04-07 at 10.51.52.pngto edit the screens for the desired issue types.

Screen Shot 2021-04-07 at 10.53.09.png

Screen Shot 2021-04-07 at 10.53.38.png

Then, search for the field you created previously and add it to the screen.

Hope this helps!

If you have questions or feedback, please let us know.

16 comments

Fadoua
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 7, 2018

Very interesting! Thank you @Angélica Luz for this valuable information and a thank you to @Daniel Eads for sharing this post!

Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 7, 2018

You're very welcome @Fadoua
I'm so glad that the article is helpful!

Regards,
Angélica

Matt Doar
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 13, 2018

Does this approach make the project name (but not the issue details) visible to everyone, even if they are not logged in?

Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 13, 2018

Hi @Matt Doar

Thank you for your question.

The name of the projects will be available only for internal users, those who are logged in.

This configuration does not make the project public, because when you add the name of the user (step 4) only this user will see the project list.

Regards,
Angélica

Matt Doar
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 13, 2018

I remember now. When you have a set of users who are third party contractors and they are not supposed to see the names of any projects that they don't have access to (they don't have Browse Projects permission). Then adding a User Picker field to the Browse Projects permission allows them to see the project name (but still not the issues).

So if your project name or key is sensitive, this approach will leak that information to all authenticated users. Probably not a big deal in most cases but good to know. Unauthenticated users will not see any project information. Tested in Jira 8.0 EAP.

Like Yugo Hino likes this
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 3, 2018

Hi @Matt Doar,

I know that it has been a while, but I was searching for something else and found a bug related to your concern about the projects' names and I would like to share here:

- https://jira.atlassian.com/browse/JRASERVER-34389
- https://jira.atlassian.com/browse/JRASERVER-31720

Regards,
Angélica

Like Yugo Hino likes this
Matt Doar
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
October 3, 2018

Exactly, thank you for adding them. Just one of those things it helps to know :)

Sayan Kaiser October 21, 2020

Hi Angelica,

This is an amazing solution 

thanks,

Sayan

Steven Slezak April 6, 2021

Hello - This solution worked for what I needed to do. But why doesn't it send a notification to the user who's tagged?

Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 7, 2021

Hi @Steven Slezak,

Welcome to the Community!

The user will receive a notification if you mention them in a comment, for example, but they won't receive a notification when you select them on the field you created. The field is a User Picker custom field the same as the Assignee field, but it doesn't have the same functionality, so the person won't be notified when you select them.

Kind regards,
Angélica

Irene Ryan April 29, 2021

Hi @Angélica Luz 
Great article, it looks like the answer to my prayers. 
However I am getting stuck at step 1, and I am wondering if this approach works with the next gen projects?

Like Angélica Luz likes this
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 30, 2021

Hello @Irene Ryan,

The steps apply only to classic (company-managed) projects. 

On next-gen (team-managed), it’s not possible to add a field to the permissions, and also, the available permissions on Project settings > Access don’t allow only “View” issues.

Kind regards,
Angélica

André Borges October 18, 2021

@Angélica Luz 

Is it normal that with this solution the user can see all tickets in the search bar like "last tickets" etc also from other projects?

tickets.png

Like Angélica Luz likes this
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 20, 2021

Hi @André Borges,

Thank you for your question.

I tested the workaround again just to make sure I wasn’t missing something since Jira change a lot since I posted this article and with my test user I wasn’t able to view other tickets. It only shows tickets the user has access to.

If the user is seeing the tickets it means that a group they are part of was added to the permission scheme. Sometimes they can see the ticket, but if they click on it, they won’t be able to view the details.

Note that some permission schemes are shared between projects, so if a group the user is a member of was added to the Browse project permission and the other three projects use the same scheme, the user will be able to see all of them.

Bernat May 25, 2022

Thanks didn't know about how to do that.
It worked 👌👌

Kamil Kubacki April 13, 2023

Thanks it's work, but is any option to automatization bettwen this custom field and "Request Participation" filed in service desk type project? I mean when i pick some users in first field, then i would like same people in second field.

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events