Details
-
Bug
-
Resolution: Unresolved
-
Low
-
Minor
-
Description
Issue Summary
When performing a request to the Find users REST API endpoint https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-user-search#api-rest-api-3-user-search-get by inserting the email address on the query parameter erroneously, the response of the endpoint still returns the result.
This is because of the following logic: when an email address is recognized as invalid a possible user error/mistake is taken into account and therefore the email address is tokenized and the different tokens are used to try to match full name or display name fields. So, the result is returned in case one of the name fields matches one of the tokens, but this is not clearly documented.
Steps to Reproduce
- Perform a request to the endpoint using an email with '123' at the end:
/rest/api/3/user/search?startAt=0&maxResults=50&query=something@email.com123
Expected Results
Empty result
Actual Results
If one of the name fields matches or include 'something' the search will still return the information.
Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available
Attachments
Issue Links
- is related to
-
-
- Gathering Impact
-