Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Jira Permission Scheme API using Script Runner


I have a huge list of projects which I want to assing to a permission scheme. I have explored the api option which works using postman then I created a script but I am facing the issue in authentication. I am not sure what else I need to do.


first time I run the script it gives me 401, second time it gives me 403 and then my account needs a capcha. I am running the script on the script console. Jira Server versions 7.5.3.  The user I use is Jira Admin. 


The scripts goes like below.


import com.atlassian.jira.component.ComponentAccessor
import org.apache.log4j.Logger

// Permission Scheme ID for Archive

def archivePermisssionScheme=10602

// Base64 for username:password

String authString = "XXXXXXXXX"  // Hidden for this post

String requestBody = "{\"id\": " + archivePermisssionScheme + " }"

// Get the Project Manager
def projectManager = ComponentAccessor.getProjectManager() ;
def log = Logger.getLogger("com.onresolve.scriptrunner.runner.ScriptRunnerImpl") ;

def projs_key = ['PROJECT1'] ; // This will be the list of all the projects, testing script for 1 project now 

def counter = 0
def counter_update=0
// Iterate over each Project Object
def project = projectManager.getProjectObjects()

project.each {
String projectKey = it.key ;
String requestUrl = "${projectKey}/permissionscheme"

if (projs_key.contains(it.key))
log.warn( + " - " + projectKey + " - " + ;
counter_update++ ;

try {
URL url = new URL(requestUrl);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestProperty("Authorization", "Basic " + authString);
connection.setRequestProperty("Content-Type", "application/json");
OutputStreamWriter out = new OutputStreamWriter(connection.getOutputStream());
log.warn("Response code: " + connection.responseCode);
catch( e ) {
counter++ ;

log.warn("Total projects " + counter );
log.warn("Total impacted projects " + counter_update );


3 answers

1 accepted

Another way is to use PermissionSchemeService class:

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.permission.PermissionSchemeService

def pss = ComponentAccessor.getComponent(PermissionSchemeService)
// 10002 is the new permission scheme id, 10000 is the project id
pss.assignPermissionSchemeToProject(ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser(), 10002, 10000)
1 vote
Tarun Sapra
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Mar 25, 2019


Thanks for sharing this. This helped.


Word of Caution : addSchemeToProject does not remove the old one automatically, If it is executed on a project having a permission scheme, it breaks Jira. I learned it through hard way though. 

Like # people like this
Tarun Sapra
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Mar 26, 2019

Hello @Mohit Dhir 

Indeed, it's import to mention the earlier permission scheme should be removed from the project using method and then the addSchemeToProject  can be used


If my answer, helped you please upvote/accept so that other users are also helped. Thanks!

Like Gabriel Udvar likes this

but this will remove all schemes from project? so I need to collect all schemes first, then remove all schemes and apply the schemes again, while the one I want to change to be overwritten by the new scheme? sounds like a lot overhead.

Hello @Mohit Dhir 

We too learnt it in the hard way. We then had to remove the project from db. Since it was a test project, it was fine. Is there a better way to fix this?

It would be a good if jira could handle it in a better way.

@Mohit Dhir  , @Tarun Sapra thank you for this.

I just broke my staging Jira by only adding the new scheme and not removing the initial one first. 

Then action related to projects and issues returned an error : "too many permission schemes are assigned to this project: Project_1234"

I fixed it by then running the script again with the "removeSchemesPromProject" function:


permissionSchemeManager.removeSchemesFromProject(projectManager.getProjectByCurrentKey(currentProjectKey)) //this removed all schemes on the project

permissionSchemeManager.addSchemeToProject(projectManager.getProjectObjByKey(currentProjectKey), newPermissionScheme) //assigned the correct permission scheme
  • STATUS 401Returned if the user is not logged in.
  • STATUS 403Returned if the user does not have permissions to edit project's permission schemes. In practice the user needs to be a JIRA administrator.
  • STATUS 404Returned if the project or permission scheme is not found.

Suggest an answer

Log in or Sign up to answer