Dev docs: Anonymizing users

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

Jira admins can anonymize users and any related personal data that appears in Jira. The anonymization includes the following capabilities:

  • Changing the user key and username of an existing user
  • Anonymizing user profile
  • Deleting or anonymizing personal data that appears in Jira

To let your app work with these new capabilities, we've created 4 new extension points that will inform your app about a user being anonymized and the involved actions.

If you need more info about how Jira admins anonymize users and what it involves, head to Anonymizing users.

Extension points & planned workflow

The following actions will help you better understand how the extension points fit into the anonymization flow.

  1. Getting the data

    After admin chooses a user to anonymize, Jira executes the getAffectedEntities method in all of the extension points to display occurrences of user’s data and any related entities (e.g. Component Lead). Anonymization is always triggered for a single user. The process is a background, non-blocking task.

  2. Transferring the ownership

    Some of the entities associated with a user can’t work properly with inactive (anonymized) users and will need to be transferred to a different user, chosen by the admin. For example, an inactive Component lead might break the Default assignee option. To transfer the ownership, Jira executes OwnershipTransferHandler#update.

  3. Deleting/anonymizing the data

    Jira executes UserAnonymizationHandler#update to delete or anonymize user’s personal data and entities that can be accessed only by the user (for example, private dashboards).

  4. Anonymize user keys and usernames

    Jira executes UserKeyChangeHandler#update and UserNameChangeHandler#update to update the user’s user key and username to their anonymized versions (e.g. admin -> JIRAUSER10100). These properties might be stored as foreign keys in the database.

List of extension points

You can find all of the extension points listed below in the com.atlassian.jira.user.anonymize package.



This method finds and displays all occurrences of user's data and any related entities.

It's used in all of the following classes.

Described in each extension point.


This method transfers the ownership of various entities to a different user. It simply changes the user key to a different one.



This method deletes or anonymizes user's data.



These methods change the user’s username and user key to their anonymized versions (e.g. admin → JIRAUSER10100)




Anonymization: Errors

Jira collets exceptions shown by the extension points and presents them as warnings to the admin once the process finishes. Admins then have an option to retry, or rather complete, the failed anonymization. In this case, the extension points receive exactly the same data as they received the first time — the original and the anonymized value.

For a sample implementation of the extension points, you can refer to the jira-reference-plugin and study the implementation classes, such as ReferenceUserKeyChangeHandler and the corresponding entries in the atlassian-plugin.xml file. For example:

<user-key-change-handler key="ref-plugin-user-key-change-handler" class="" />

Anonymization: Ensuing updates

We’ll update all of Jira’s native entities, like custom fields, comments, or work logs, even if they are created by your app.

We won’t introduce any changes to your Active Objects database tables or the extensions that Jira is unable to understand without your app, for example custom workflow transitions.

Last modified on Dec 17, 2019

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.