Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

[Jira REST API] Deleted Users Still Accessible via API – Why?

Vasilis Kokotakis
Vasilis Kokotakis February 12, 2025

Hey all,

I'm working with the Jira REST API for my application and have a question.

I'm an admin in Jira and have successfully established a connection between Postman and my Jira account (I created an app via Atlassian Developer, and everything is working as expected).

However, when I delete a Jira user—either through Postman or the web UI—I can still access their data via the API.

Why is this happening? If I delete a user, I would expect their data to be inaccessible.

Has anyone else encountered this issue? Is there any documentation that explains this behavior?

Thanks in advance!

Answer
Watch
Like Be the first to like this
43 views

1 answer

1 accepted

0 votes
Answer accepted
Tuncay Senturk
Tuncay Senturk
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 12, 2025

Hi @Vasilis Kokotakis 

Take it with a pinch of salt but I presume, when a user is deleted in Jira, their account is deactivated but not removed entirely. In order to retain historical data related to the user (they created, commented, transitioned, etc) this is a must for the auditing and issue history purposes.

View More Comments
Vasilis Kokotakis
Vasilis Kokotakis February 12, 2025

Hey, thanks for your reply.

This seems really strange to me. I understand that Jira needs to retain some data for reference, but deleted users should be completely inaccessible to admins—both from the web UI (which already seems to be the case) and from the backend API.

Right now, I can still fetch and even update (!) data of deleted users from my organization via the API, which doesn’t seem right.

Is this behavior documented anywhere? I’d really like to spend some time reading about it.

Vasilis

Like
Vasilis Kokotakis
Vasilis Kokotakis February 12, 2025

+ Is there any way / are we able to detect with API if user was "deleted"?

Like
Tuncay Senturk
Tuncay Senturk
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 12, 2025

Yes, you can detect if a user was deleted (or deactivated) via the Jira REST API. However, I'm uncertain whether you can differentiate between the two; I mean, I don't know if there is a way to determine if the user is deactivated due to being deleted. You can call /rest/api/3/user?accountId=<USER_ACCOUNT_ID> REST API and check the active property from the returned JSON. 

Like Vasilis Kokotakis likes this
Vasilis Kokotakis
Vasilis Kokotakis February 12, 2025

Thanks @Tuncay Senturk 

Like
Tuncay Senturk
Tuncay Senturk
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 12, 2025

You're welcome!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events