Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
1
-
Description
Summary
Jira WebHooks impersonate the user triggering the webhook event when sending information. If the user is a Jira Service Management portal customer or the event is triggered anonymously, custom fields that require the user to have a certain role or to be authenticated will return an error.
While JQL can be used to narrow down the type of events that trigger the WebHook, it's not possible to check if the initiator of the action is a portal customer or anonymous user.
It would be beneficial to either:
- Be able to exclude custom fields that will return a permission error
- Filter events based on user role from being sent