Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Can I safely change and if it is supported to change "user_key" field in "app_users" table?

Paweł “zaicnupagadi” Jarosz
Paweł “zaicnupagadi” Jarosz January 30, 2019

Hey Everyone,

 

We are doing an excercise for GDPR, and we are renaming one user in JIRA for tests, and just by an accident it appeared that "user_key" field in "app_user" has old - not anonymized - username, "lower_user_name" is anonymized, but not the "user_key".

 

I've read on forum that this field is only used once - when user firt time logs into JIRA. My question is whether I can somehow change it via API, and if yes - how?

 

If not, is it supported to do it from the database level?

Our JIRA version is v6.4.10

Appreciate any help on this,

Pawel J

Answer
Watch
Like Be the first to like this
522 views

1 answer

0 votes
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 31, 2019

You can't change that value using the application (Jira), or using any of the API in Jira.  The user_key field in that table is set only once, when the account is first created.   That said it is possible to change this via the database directly.  Technically these kinds of direct database changes are not officially supported by Atlassian per our Support Offerings.   Hence we recommend that you create a backup of your data and stop Jira before making direct database changes like this.  And testing on a staging instance is also recommended before trying this in a production environment.

That said, I would recommend taking a look at our Server GDPR support guide here on community. It has a pretty comprehensive set of guides for all our server products.   For Jira specifically check out the JIRA Core, JIRA Software and JIRA Service Desk Server and Data Center GDPR support guides

It sounds like you're focusing here on the Right to Erasure which we have detailed steps to follow.  It has a section called

Modifying user_key - (Optional - only when user_key is PD)

that should help here.  There are SQL scripts you can follow to make sure that you can comply with GDPR requests and still keep Jira in a functional state.

I hope this helps.

Andy

View More Comments
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 29, 2020

Since the time of my original answer, Jira Server has since implemented some additional features to help manage this process.  More details are in https://blog.developer.atlassian.com/important-gdpr-changes-in-jira-server/

Starting with Jira 8.2 there are a few additional features that allow Jira to anonymize their user_key value within Jira natively for any existing account. 

Screen Shot 2020-06-29 at 11.24.04 AM.png

Furthermore, newly created accounts in Jira versions such as 8.2 and higher will automatically have user_key values that are not based on the name of the user.

That said the other support guides I have linked to above are still valid ways to remove such data from Jira Server, even for older versions that might not have yet upgrade to 8.2 or higher yet.

Cheers,

Andy

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events