Uploaded image for project: 'Jira Platform Cloud'
  1. Jira Platform Cloud
  2. JRACLOUD-63994

The rest documentation around certain user resources is incorrect with respect to anonymous access and the "Browser User" permission

XMLWordPrintable

      NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report.

      The JIRA cloud and server rest documentation both state in certain rest resources that they cannot be accessed anonymously. However, when "Anyone" is granted the "Browser User" permission anonymous users can use some rest resources for which the documentation states that they are not permitted access.

      The following rest resources have this documentation issue:

      1. https://docs.atlassian.com/jira/REST/cloud/#api/2/groupuserpicker-findUsersAndGroups / https://docs.atlassian.com/jira/REST/server/#api/2/groupuserpicker-findUsersAndGroups 

      2. https://docs.atlassian.com/jira/REST/cloud/#api/2/user-findUsersForPicker / https://docs.atlassian.com/jira/REST/server/#api/2/user-findUsersForPicker 

      3. https://docs.atlassian.com/jira/REST/cloud/#api/2/user-findUsers /  https://docs.atlassian.com/jira/REST/server/#api/2/user-findUsers 

      4. https://docs.atlassian.com/jira/REST/cloud/#api/2/user-findUsersWithBrowsePermission / https://docs.atlassian.com/jira/REST/server/#api/2/user-findUsersWithBrowsePermission 

              Unassigned Unassigned
              dblack David Black
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: