Restrict Jira Service Management Agent access based on issue type
Platform Notice: Cloud - This article applies to Atlassian products on the cloud platform.
Summary
Since JSM doesn't have the feature to set Issue Security directly to an Issue Type, this article aims to show how to get around this limitation using Request Type Forms / Automation for Jira.
1. Create groups for each issue type
First, you need to create groups for each issue type you want to restrict. This will ease how you manage agents when allowing/disallowing access to tickets.
Follow the instructions in Create groups to Create a group and Edit a group to Add members.
2. Create a new Issue Security Scheme & Security Levels
Second, you need to create a new Issue Security Scheme and Security Levels and assign the groups to it.
Follow the instructions in Configure issue security schemes to Create an Issue Security Scheme, Add a level security level, and Add members.
It's recommended to add the following groups/roles to your security level.
| User / Groups / Project Roles | Reason |
|---|---|
| Group (<Group's name>) | This is the group of agents that will be able to see the tickets; you can add more than one if needed. |
| Service Project Customer - Portal Access | This allows customers and request participants to be able to access the tickets. |
| Project Role (atlassian-addons-project-access) | This allows Automation for Jira to be able to access the tickets |
3. Associate the Issue Security Scheme with your Project
Third, you need to associate this new issue security scheme with your project.
Follow the instructions in Configure issue security schemes to Assign an issue security scheme to a project.
4. Setting the Security Level when an issue is created
Next, you can set the security level at ticket creation using Request Form or Automation for Jira.
Choose from the below options based on your requirements.
Request Type Forms
You can add the security level field to the request form and define a default value for tickets raised through the Portal. The agents can also change the field internally; follow the instructions below to customize the fields of your request form:
- Go to your Project Settings
- Select Request Types
- Choose the request type name that matches the issue type you're restricting to edit it
- Ensure you're in the Request Form tab and add the Security Level field to the screen
- Set the Default security level to your request type
- Save the changes
Reminder
In case you have more than one request type associated with an issue type, you'll need to repeat this process for each of them.
Automation for Jira
Follow the instructions below to create a new Automation Rule to set the Security Level when a ticket is created:
- Go to Project Settings
- Select Automation
- Select Create rule
- In the Trigger, select Issue Created and Save
- Add a New condition, and select the If/else block
- Add a new condition and select Issue Fields condition, select the field: Issue Type, condition: equals, and for value: select the issue type you want to configure the restriction, then Save
- Add a new component, select Edit Issue, on the "Choose fields to set..." select Security Level, and to the following field, select the Security Level you created
- If you have more than one Issue type to restrict, on the left sidebar, find the add else-if and click on it, then repeat steps 5a & 5b for each one of them
In case your Security Level is not showing on the field, please review:
- if the Project Role (atlassian-addons-project-access) is added to the security level
- if a group you belong to is added to the security level