This resource represents permissions. Use it to obtain details of all permissions and determine whether the user has certain permissions.
Returns a list of permissions indicating which permissions the user has. Details of the user's permissions can be obtained in a global, project, issue or comment context.
The user is reported as having a project permission:
commentId is provided whose permissions does not equal BROWSE_PROJECTS, a 400 error will be returned.This means that users may be shown as having an issue permission (such as EDIT_ISSUES) in the global context or a project context but may not have the permission for any or all issues. For example, if Reporters have the EDIT_ISSUES permission a user would be shown as having this permission in the global context or the context of a project, because any user can be a reporter. However, if they are not the user who reported the issue queried they would not have EDIT_ISSUES permission for that issue.
Global permissions are unaffected by context.
This operation can be accessed anonymously.
Permissions required: None.
Connect app scope required: READ
read:jira-workread:permission:jirastring
string
string
string
string
string
string
string
Returned if the request is successful.
Details about permissions.
1
2
3
4
5
6
7
8
9
10
11
12
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";
const response = await api.asUser().requestJira(route`/rest/api/2/mypermissions?permissions=BROWSE_PROJECTS%2CEDIT_ISSUES`, {
headers: {
'Accept': 'application/json'
}
});
console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());1
2
3
4
5
6
7
8
9
10
11
12
{
"permissions": {
"EDIT_ISSUES": {
"description": "Ability to edit issues.",
"havePermission": true,
"id": "12",
"key": "EDIT_ISSUES",
"name": "Edit Issues",
"type": "PROJECT"
}
}
}Returns all permissions, including:
This operation can be accessed anonymously.
Permissions required: None.
Connect app scope required: ADMIN
manage:jira-configurationread:permission:jiraThis request has no parameters.
Returned if the request is successful.
Details about permissions.
1
2
3
4
5
6
7
8
9
10
11
12
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";
const response = await api.asUser().requestJira(route`/rest/api/2/permissions`, {
headers: {
'Accept': 'application/json'
}
});
console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());1
2
3
4
5
6
7
8
9
10
{
"permissions": {
"BULK_CHANGE": {
"description": "Ability to modify a collection of issues at once. For example, resolve multiple issues in one step.",
"key": "BULK_CHANGE",
"name": "Bulk Change",
"type": "GLOBAL"
}
}
}Returns:
If no account ID is provided, the operation returns details for the logged in user.
Note that:
globalPermissions, projectPermissions, projectPermissions.projects, and projectPermissions.issues are ignored.projectPermissions.permissions are ignored.Deprecation notice: The required OAuth 2.0 scopes will be updated on June 15, 2024.
read:jira-workread:permission:jiraThis operation can be accessed anonymously.
Permissions required: Administer Jira global permission to check the permissions for other users, otherwise none. However, Connect apps can make a call from the app server to the product to obtain permission details for any user, without admin permission. This Connect app ability doesn't apply to calls made using AP.request() in a browser.
Connect app scope required: READ
read:permission:jiraDetails of the permissions to check.
string
array<string>
array<BulkProjectPermissions>
Returned if the request is successful.
Details of global and project permissions granted to the user.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";
var bodyData = `{
"accountId": "5b10a2844c20165700ede21g",
"globalPermissions": [
"ADMINISTER"
],
"projectPermissions": [
{
"issues": [
10010,
10011,
10012,
10013,
10014
],
"permissions": [
"EDIT_ISSUES"
],
"projects": [
10001
]
}
]
}`;
const response = await api.asUser().requestJira(route`/rest/api/2/permissions/check`, {
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json'
},
body: bodyData
});
console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
{
"globalPermissions": [
"ADMINISTER"
],
"projectPermissions": [
{
"issues": [
10010,
10013,
10014
],
"permission": "EDIT_ISSUES",
"projects": [
10001
]
}
]
}Returns all the projects where the user is granted a list of project permissions.
This operation can be accessed anonymously.
Permissions required: None.
Connect app scope required: READ
read:jira-workread:permission:jira, read:project:jiraarray<string>
RequiredReturned if the request is successful.
A list of projects in which a user is granted permissions.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";
var bodyData = `{
"permissions": [
"<string>"
]
}`;
const response = await api.asUser().requestJira(route`/rest/api/2/permissions/project`, {
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json'
},
body: bodyData
});
console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());1
2
3
4
5
6
7
8
{
"projects": [
{
"id": 22,
"key": "<string>"
}
]
}Rate this page: