Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Is it possible to allow ALL users to view an issue except for a group based on a custom field

I am trying to restrict the view of GroupM on tickets within the project based on the value of custom field 'Client'.


If Client is not ABC, ticket can be viewed by anyone including GroupM users

If Client is ABC, All users except GroupM are able to view the ticket.


I was able to configure Issue Security successfully before similar to this but its the other way around - if Client is ABC, only GroupM can view the ticket. If Client is not ABC, anyone can view the ticket. 

I am trying to find out if there is a way for me to reconfigure the issue security scheme I have setup to use except GroupM instead of only GroupM when the Client is ABC.


Thanks in advance for any help :)

2 answers

4 votes

No, there's no way to do this.  Permissions in Jira are completely permissive, not exclusive.

I thought so.. I was just hoping maybe :) Thanks Nic!

0 votes
Rilwan Ahmed Community Leader Jun 09, 2022

Hi @Sha A_ ,

There is no direct way to achieve this. But manually you can do my making use of Issue Security schemes.


  1. Create Security schemes where you add all groups except GroupM
  2. When a ticket with  client ABC is created, edit and add security scheme created in step 1 to the ticket.
    This will rat access to all users except GroupM to the particular ticket.

That's still the same problem.

Let's say you've got several groups of people, all of whom have "browse project"

Security schemes let you say "only group X can see this issue when security level is set to Y".

But Sha A wants to be able to say "Group X can NOT see the issue when security level is set to Y".

With both permissions and security levels, the only way you can do that is to say "groups A, B, C, D ...... W, Y and Z can see it" - leaving X off the list.  This gives you the problem that if you add a new group who should be able to see the issues, then you have to amend the scheme every time!

Hi @Rilwan Ahmed 

Thanks for the suggestion. I think it would be possible if we only have a few users/ groups. The project is open to all who has access to jira and we have around 50+ groups.


I agree with @Nic Brough _Adaptavist_ as it may be a very tedious process to maintain just for 1 project. 

Thank you though 🙂

Rilwan Ahmed Community Leader Jun 09, 2022

Hi @Sha A_ 

One more turnaround if your project uses project roles in the permission schemes rather than groups directly, then 

  1. Create a new project role, add Group M to it in the project. 
  2. Add created role in your permission scheme like what you have for other roles. 
  3. Create first security scheme and include newly added project role and existing project roles. 
  4. Create Second security scheme with only old project roles and make it default.  So any ticket by default will have second security scheme and for Client ABC, you can edit ticket to first security scheme.

Hi @Rilwan Ahmed


I think you might have something here. I’ll look into this and try it. I may need to add some adjustments and make use of project roles in the permission schemes since it does not use it. 

Thank you! I’ll post updates on what I get after testing. 🙂

Suggest an answer

Log in or Sign up to answer

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you