-
Bug
-
Resolution: Fixed
-
High
-
None
-
27
-
Severity 2 - Major
-
22
-
We've confirmed that this behavior is reoccurring and have reopened this ticket.
Augusto Pasqualotto | Support Engineer, Jira Service Management Cloud
Summary
- Portal-only customer accounts do not have any configurable privacy options(Atlassian accounts do have configurable privacy options)
- For customer accounts - the expected behaviour is that:
- Agents can see customer email addresses
- Customers can see other customer email addresses if both have access to the same ticket/request
Calling either:
- <instance_name>.atlassian.net/rest/api/2/search?jql=id=<issue_key>&expand=changelog&maxResults=1
- <instance_name>.atlassian.net/rest/api/2/search?jql=id=<issue_key>
- <instance_name>.atlassian.net/rest/api/3/users/search?accountId=%
Doesn't return the emailAddress field for customer accounts as expected - the field is missing:
"reporter": {
"self": "https://dnguyen4-test3.atlassian.net/rest/api/2/user?accountId=qm%3Axxxxx-xxxxxx-xxxxxxx-xxxxxxxxx",
"name": "qm:xxxxx-xxxxxx-xxxxxxx-xxxxxxxxx",
"key": "qm:xxxxx-xxxxxx-xxxxxxx-xxxxxxxxx",
"accountId": "qm:xxxxx-xxxxxx-xxxxxxx-xxxxxxxxx",
"avatarUrls": {
"48x48": "https://avatar-cdn.atlassian.com/default?size=48&s=48",
"24x24": "https://avatar-cdn.atlassian.com/default?size=24&s=24",
"16x16": "https://avatar-cdn.atlassian.com/default?size=16&s=16",
"32x32": "https://avatar-cdn.atlassian.com/default?size=32&s=32"
},
"displayName": "MyDisplayName",
"active": true,
"timeZone": "Europe/Amsterdam",
"accountType": "customer"
Steps to Reproduce
- Call the instance to fetch issue data <instance_name>.atlassian.net/rest/api/2/search?jql=id=<issue_key>
- Examine the response body
Expected Results
- The response shows the emailAddress field
"reporter": { "self": "https://dnguyen4-test3.atlassian.net/rest/api/2/user?accountId=qm%3Axxxxx-xxxxxx-xxxxxxx-xxxxxxxxx", "name": "qm:xxxxx-xxxxxx-xxxxxxx-xxxxxxxxx", "key": "qm:xxxxx-xxxxxx-xxxxxxx-xxxxxxxxx", "accountId": "qm:xxxxx-xxxxxx-xxxxxxx-xxxxxxxxx", "avatarUrls": { "48x48": "https://avatar-cdn.atlassian.com/default?size=48&s=48", "24x24": "https://avatar-cdn.atlassian.com/default?size=24&s=24", "16x16": "https://avatar-cdn.atlassian.com/default?size=16&s=16", "32x32": "https://avatar-cdn.atlassian.com/default?size=32&s=32" }, "displayName": "MyDisplayName", "active": true, "timeZone": "Europe/Amsterdam", "accountType": "customer", "emailAddress": "myemailaddress@domain.invalid"
Actual Results
"emailAddress": "myemailaddress@domain.invalid" is missing from the response body
Notes
- "Reporter" and "Request participants" field affected
- Possibly any other fields where the emailAddress field should be present
Workaround
- No known workarounds
- duplicates
-
-
- Closed
-
- relates to
-
-
- Closed
-
-
![[Atlassian Service Operations JIRA] Incident - A failure to a managed service being resolved by following the process to Resolve an Incident.](https://ops.internal.atlassian.com/jira/images/icons/issuetypes/exclamation.png "[Atlassian Service Operations JIRA] Incident - A failure to a managed service being resolved by following the process to Resolve an Incident.")
HOT-87836
You do not have permission to view this issue
- mentioned in
-
Page Failed to load
-
Page Failed to load
-
Page Loading...
-
-
-
-
[JSDCLOUD-8289] API: Unable to fetch customer email address via API
hi Vu,
How did you resolve this issue? I am still having same problem with our customer site. Both
- /rest/servicedeskapi/organization/<Organization_ID>/user
- /rest/api/3/user?accountId=<Account_Id>
endpoints don't return customer's email addresses
Thanks for fixing this a couple weeks ago Vu! We saw that a due date of December 12th was added to this around 12 hours ago. Everything is working right now, so that is worrisome, haha. Is something going to change with this? We just want to make sure we are prepared since this critical functionality to JSM.
Hi Everyone,
We have identified the cause and resolved the issue.
Cheers,
Vu
Since there was a lot of discussion on this the last time that it happened, let me just clarify what is broken again... the following endpoints are some examples of ones that are again incorrectly hiding the emailAddress for portal-only Jira Service Management customers (the non-counted users of an instance):
Anything that tries to grab the Reporter or Request Participant information from an issue is affected (issue_key can also be used anywhere that I am saying issue_id below and this affects REST v2 as well... just to be extra clear):
- <instance_name>.atlassian.net/rest/api/3/issue/<issue_id>
- <instance_name>.atlassian.net/rest/api/3/search?jql=id=<issue_id>
Anything searching users by accountId:
- <instance_name>.atlassian.net/rest/api/3/users/search?accountId=<valid qm: accountid>
- <instance_name>atlassian.net/rest/api/3/user?accountId=<valid qm: accountid>
In the UI, the user profile cards are again incorrectly hiding the email address for these users. These users do not have email visibility settings in their servicedesk profile (and they shouldn't be able to ever hide that from the Service Desk Team). Right now, Jira Service Management is essentially broken because you cannot be sure that you know who your customer is when they are communicating with you and any integrations with your own customer systems cannot map to anything since those systems cannot see the emailAddress.
Yesterday, this seems to have reverted to blocking portal only email addresses again. We believe that it started around 8 hours ago in our instances. We need to be able to grab the issue.fields.reporter.emailAddress via API. Users should also be able to see those email addresses in the UI.
Hi,
I am talking about the global email visibility setting for Jira accounts - it is set to public (picture attached). If this is not enough for pulling email address of managed accounts through the API, then what is? Is it personal setting of an account on Atlassian level? Does it mean I have to ask all users to set email address to only admin and me visibility? Or is there any other way? Thanks!
Specifically which issue you are you seeing, there is a few mentioned in this ticket? Can you also confirm that the users privacy settings allow you to see their email address (if they are a customer account and you have an agent license you will be able to see them, otherwise you won't by default). There's more details on the latter on https://jira.atlassian.com/browse/JRACLOUD-72483
A customer account is a service desk user that logs in through the service desk portal and does not count as a licensed user. These users are scoped only to your site and are what this issue is about. Usually these accountIds will start with `qm:` (but this is not guaranteed).
A normal Atlassian account is one who is either a licensed user on Jira or a managed account in Atlassian access. They can use that account to log into other Atlassian services such as bitbucket. In this case the user controls their privacy settings and email is restricted by default.
despite we have allowed public visibility of user email addresses globally in Jira administration
Could you explain what you mean here? Individual users control their email address visibility from their user profile page.
Hi
we are still not getting email attribute when using https://iws.atlassian.net/rest/api/2/user?accountId=********** and we are not getting data for email when using https://iws.atlassian.net/rest/api/3/user/search?query= despite we have allowed public visibility of user email addresses globally in Jira administration. Any advice?
Harry, please can you explain what's the difference between customer account id and normal Atlassian account id that you mentioned in the above comment?
Hi
https://xxx.atlassian.net/rest/api/latest/search?fields=reporter&jql=key="Ticket number"