Restrict "/rest/api/2/dashboard" to only users in the instance and not anonymous users

XMLWordPrintable

    • 3
    • 5

      the customer wants to restrict access to the following API, they don't want the list of dashboards to be public visible

      Get all dashboards
GET /rest/api/2/dashboard

Returns a list of dashboards owned by or shared with the user. The list may be filtered to include only favorite or owned dashboards.

This operation can be accessed anonymously.

Permissions required: None.

Connect app scope required: READ

OAuth scopes required: 
read:jira-work

       

       

      Atlassian
      The public API mentions that: "This operation can be accessed anonymously." 
       
      Please refer to this documentation about the share permissions. Quote from the documentation:

      Public—Public sharing means sharing the dashboard with users who are not logged in to your Jira Cloud site. Note that if you share a dashboard publicly, it will be visible and searchable on the internet. See Prevent or remove public access for more information.

      To prevent or remove the public access, please refer to: Prevent or remove public access 
      To bulk edit dashboards to change permissions via the public API, please refer to: Bulk edit dashboards API. Please note that this API is currently experimental. Or raising a support ticket, our support engineer will be able to help with bulk editing the share permissions.

       
       
       

            Assignee:
            Unassigned
            Reporter:
            Carlos Bodini (Inactive)
            Votes:
            7 Vote for this issue
            Watchers:
            15 Start watching this issue

              Created:
              Updated:
              Resolved: