Confluence won't help you because it follows the same permissions schema - for the user to see a page, they must first have view permission to the whole Space, so you end up in the same conundrum except it's harder to manage in Confluence.
Security levels are indeed the start of what you need when it comes to restricting browse access to users in the project.
However, you might also want to consider using Custom Fields and Reporter.
In Permission Scheme, under BROWSER_PROJECTS, you can add Reporter, and/or a multiuser picker custom field e.g. "External users".
The rest under BROWSE_PROJECTS can stay as is, probably you have project roles in it which is totally fine.
The key point here being - the user is not a member of project roles, but if he is a reporter on an issue - he will see that issue (thus you would need to set him as a reporter). Likewise, if you add him to the External users field, he will then be able to see the issue.
The 'Create issue' permission itself can be open to anybody so everybody can create an issue without any express role membership - and since they will be the reporter, they will see that issue, but they won't see any others.
Other than these your only option is security levels, but mind you that would require either a lot of levels, or a lot of automations to keep the security levels consistent across the whole project.
If you have a lot of specific users that should have access to just specific issues, you will likely be better of by setting up the reporter/customfield option since you don't have to maintain 1000 different security levels.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.