Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to i disable REST API calls on JIRA, or prevent our private data from being exposed?

How to i limit REST API calls on JIRA, or prevent our private data from being exposed?


I've learned that I can't turn off the REST API all together as i would desire too, but how do i prevent our private information from being exposed? I've had developers and users reach out to our admin's b/c they can see our private info available in the REST API. 

i've spent way too much time mucking about in the admin trying to figure out how to manage this without any success. I see no mention of the API and/or how to manage how to suppress it via our user group settings. 

I would love to have some help, thanks in advance if someone can help us resolve this.

2 answers

1 accepted

1 vote
Answer accepted

Jira can not work without the REST API, so there's no way to turn it off.

But it does restpect the permissions that you set for the UI.  If someone can see an issue in the REST API, then they can see it in the UI as well.

What are you trying to secure that you think is leaking out over REST?

in short our rest api, list our company name and individual users and some project tasks to anyone who browses it, and i would ideally like that to not be the case. 

They can get the same from the UI too, you'd want to think about how to remove it from there as well.

in short our rest api, list our company name and individual users and some project tasks to anyone who browses it, and i would ideally like that to not be the case. 

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Site Admin
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you