• Products
  • Documentation
  • Resources

Configure issue security schemes

You can create issue security levels within issue security schemes to let you and your team control who can see particular issues. When you associate an issue security scheme with a project, you can apply its security levels to issues in that project. Subtasks inherit the security level of their parent issue.

You need to be a Jira Cloud admin to configure issue-level security.

You can't edit project permissions or roles on the Free plan for Jira Software or Jira Work Management, and you can't configure issue-level security on any Free plan (including Jira Service Management). Find out more about how project permissions work in Free plans. To take advantage of Jira's powerful project permission management features, upgrade your plan.

Screenshot of security levels in Jira Cloud

The security level lock icon will only appear if there’s a security scheme set for the project, and if the security level is added to the View/Edit screen. Only users with permission can set the issue security level.

Allow users and groups to set issue security

Before anyone can set issue-level security, you first need to grant relevant users and groups the Set Issue Security project permission.

  1. Select > Issues.

  2. Select Permission Schemes.

  3. Locate the permission scheme you'd like to update, and select Permissions in the Actions column.

  4. Choose Edit for the Set Issue Security permission.

  5. Select who to grant the permission to and choose Grant.

Create an issue security scheme

  1. Select > Issues.

  2. Under ISSUE ATTRIBUTES, select Issue security schemes.

  3. Click Add Issue Security Scheme.

  4. Fill in the requested details and click Add.

Add a security level to an issue security scheme

  1. Select > Issues.

  2. Under ISSUE ATTRIBUTES, select Issue security schemes.

  3. Click the scheme name or the Security Levels link in the Actions column.

  4. Fill in the requested details and then click Add Security Level.

Set the default security level for an issue security scheme

You now have the power to select the default security level that will be applied to issues assigned to each security scheme. Some things to keep in mind when setting a default security level: 

  • If the reporter of an issue does not have the 'Set Issue Security' permission, the issue will be set to the default security level. 

  • If an issue security scheme doesn't have a default security level, issue security levels will be set to 'None' (anyone can see the issues).

  1. Select > Issues.

  2. Under ISSUE ATTRIBUTES, select Issue security schemes.

  3. Click the scheme name or the Security Levels link in the Actions column.

    1. To set the default security level, locate the appropriate Security Level and click Default in the Actions column.

    2. To remove the default security level, click Change default security level to "None" link (near the top of the page).

Add members to a security level

  1. Select > Issues.

  2. Under ISSUE ATTRIBUTES, select Issue security schemes.

  3. Click the scheme name or the Security Levels link in the Actions column.

  4. Locate the appropriate security level and click Add link in the Actions column

  5. Select the appropriate user, group or project role, then click the Add button.

A security level's members may consist of:

  • Individual users

  • Groups

  • Project roles

  • Issue roles such as 'Reporter', 'Project Lead', and 'Current Assignee'

  • 'Anyone' (eg. to allow anonymous access)

  • A (multi-)user or (multi-)group picker custom field.

Repeat steps 4 and 5 until all appropriate users, groups, or project roles have been added to the security level.

Assign an issue security scheme to a project

  1. Go to your project and click Project settings

  2. Select Issue Security from the project settings sidebar.

  3. Choose Actions > Select a scheme.

  4. Select the scheme you want to associate with the project.

  5. If there are no previously secured issues (or if the project did not previously have an issue security scheme), skip the next step.

  6. If there are any previously secured issues, select a new security level to replace each old level. All issues with the security level from the old scheme will now have the security level from the new scheme. You can choose 'None' if you want the security to be removed from all previously secured issues.

  7. Click the Associate button to associate the project with the issue security scheme.

If the Security Level field isn’t displayed on the issue view after configuring the Issue-Level Security, use the Find your field tool to see why. Learn more about finding a field on the issue view.

If the Security level has been hidden on purpose, please see the limitations of doing so in Hiding or showing a field.

Edit an issue security scheme

You can edit the name and description of an issue security scheme. You can also edit the default security level when editing an issue.

  1. Select > Issues.

  2. Under ISSUE ATTRIBUTES, select Issue security schemes.

  3. Click the Edit link in the Actions column for the scheme that you want to edit.

  4. Make your changes and choose Update.

Copy an issue security scheme

You can copy an existing scheme to save time. If there's an existing scheme that almost meets your needs, you can copy it then make the required edits.

  1. Select > Issues.

  2. Under ISSUE ATTRIBUTES, select Issue security schemes.

  3. Click the Copy link in the Actions column for the scheme that you want to copy. 

A new scheme will be created with the same security levels and the same users/groups/project roles assigned to them. Your new scheme will be called 'Copy of ...'. You can then edit your new scheme to give it a different name.

Delete an issue security scheme

It's important to understand that you can't delete a issue security scheme if it is associated with a project. You must first remove any associations between the issue security scheme and projects on your Jira site. See Assign an Issue Security Scheme.

  1. Select > Issues.

  2. Under ISSUE ATTRIBUTES, select Issue security schemes.

  3. Click the Delete link in the Actions column for the scheme that you want to delete.

Additional Help