Can I select 2 or more Security Levels for a JIRA Ticket?

In one of my JIRA project, I have 13 different security levels. Sometimes it is required to choose more than 1 security levels for a particular JIRA ticket but didn’t that option.

Well, we can create a separate security level with required user groups for the ticket but this is not an option as it will increase the number of security levels to infinite.

Many thanks an advance.

4 answers

1 accepted

0 votes
Accepted answer

Thanks Jobin and Nic,

I am glad to have responses from two Atlassian Answer legends. :)

I am afraid, both project role and custom fields with multi-select will not work in my environment and tried both however security levels is the only option here and I am managing through it.

My question was a query and now it’s a wish. :)

Thanks again guys for your time.


2 votes

That is the whole point of security levels. You add as many as you need :) But remember that you can have project roles and other types like custom fields which can be used in a security level. Maybe you can make use of them as well instead of just going with groups.

For example, you can use a custom field and then the issue owner can define who goes in that custom field value.

1 vote

No, security levels are a single setting. I'm afraid you'll need a 14th security level which incorporates the ones you're trying to mix.

Hi Nic,

Thanks for your answer. This is exactly I am doing at the moment and its increasing my security levels from 13 to 14, 15, 16.......... but do you think this is a right option?

For example, I have levels like SL1 (Includes Group X) , SL 2 (Includes Group Y), SL 3 (Includes Group Z). Now if I want a JIRA ticket to be accessible only by X and Y, I have to create another levels which will include Group X and Group Y instead of selecting SL1 and SL2, but please think about the numbers of possible combinations when you have more security levels !!!!!!!!

The Security Level Fields needs to be multi select.


I don't think a multi-select works. Security levels are already complex, and in the real world, people don't think in multiple levels like that.

A typical scheme something like: top secret, secret, classified, restricted or unclassified. A document will have a single one of those stamps on it at any one time - it's utter nonesense to say something is "secret" and "restricted" at the same time - the higher level always trumps the lower one.

However... I suspect you are using security levels to model a group access system, which is quite painful. I think you should be looking more at roles to do this, and possibly moving to "security by group" model (Where you only have two security levels - public and restricted, and a group-picker on the issue, which is then used in the restricted security level)

basically: "dreaming is free", Haha

I have the same problem, I limit the visibility of the issue according to the value of three fields

and I can not way to do it with native tools of JIRA

handle with groups? are over 1000 combinations

there is no other solution :(

Not dreaming, he's got an impossible situation - multiple security levels simply doesn't make enough sense to be useful.

Is there solution to this situation in 2017? 

I created 10 security level groups but there are times when issues is going to 2 groups simultaneously. 

Please suggest any solution. 

There is no big problem here, the solution is mainly to define your security groups well.

I understand your point Nic, However situation is like this 

I have 7 groups and has totally different users in it. 

worst case scenario: I have to show ticket to 3 groups out 7 for xyz reason ( It could happen if I could use 3 groups in security level simultaneously)


And of course I do not want to create 8th group for those 3 together, otherwise I ll be creating groups forever.

How would you resolve it? 

Create the 8th level.

You have an over-complicated security requirement here, the only way you can meet it securely is to set up the multiple levels it is forcing on you.

And I could if I knew the combination before hand. 

So I created 7 checkboxes for each security group so user can check them as required (since security level gives single value select dropdown) and click on next step

and based on checkboxes I created filters for post function to add security level in that next step. 

And It adds only one security group out of all the combinations. 

I wish it could work in this way as mentioned. ( That's what clients want)

I think you're missing the point that it can't work that way, as it wouldn't hide what you need it to.

but I can't create groups with combination of 7 groups either. Moreover, it will confuse hell out of client.... 


what would be best in this case?

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Feb 13, 2019 in Jira

Make your Atlassian Cloud products more secure: our NEW admin security guide

Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...

600 views 0 12
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you