Create security levels for issues

You can create issue security levels so you and your team can control who can see particular issues. This can be useful when you receive requests that contain confidential or sensitive information.

You need to be a Jira admin to configure issue-level security.

Create an issue security scheme

First, create an issue security scheme. This scheme can be associated with your project to apply its security levels to issues in your project.

1. Select Settings (), then select Issues.

2. Under ISSUE ATTRIBUTES, select Issue security schemes.

3. Select Add issue security scheme.

4. Enter a name and description, then select Add.

Set up your security levels

Next, you need to add issue security levels to your scheme and add members to each security level so you can control which user or group of users can view an issue.

1. Select Security Levels in the Actions column of your issue security scheme.

2. Enter a name and description, then select Add security level.

3. Select Add in the Actions column of your security level.

4. Select the appropriate user, group or project role, then select Add. You can only add one at a time.

5. Repeat steps 1-4 until you have set up all your security levels.

Set the default security level for your issue security scheme

If you’d like to have all issues in your project apply the same security level, you can choose to set a default. Some things to keep in mind when setting a default security level: 

• If the reporter of an issue does not have the 'Set Issue Security' permission, the issue will be set to the default security level

• If an issue security scheme doesn't have a default security level, anyone will be able to see the issues

To set the default security level, find the appropriate Security Level and select Default in the Actions column.

To remove the default security level, select Change default security level to "None" above the table.

Assign the issue security scheme to your project

Next, you need to assign the issue security scheme to your project.

1. Select Projects, then select your project.

2. From your service project, select Project settings, then Access, then Issue security.

3. Select Actions, then Select a scheme or Use a different scheme (to change schemes).

4. In the Scheme drop-down list, select your scheme, then select Next.

5. Select the security levels for any existing issues you have, then select Associate.

6. Select Acknowledge.

Allow users to set the security level of issues

You can now determine who can set or change the security level of an issue.

1. From your service project, select Project settings, then Access, then Project permissions.

2. Select Actions, then Edit permissions.

3. Find the Set Issue Security permission and select Update.

4. Select the users or group of users who need to be able to change the security level of an issue, then select Update.

Add a security level to your request types

1. From your service project, select Project settings, then Request management, then Request types.

2. Select the name of the request type you want to set a security level for.

3. Select the Restrictions button.

4. Select the Who can view issues tab.

5. Select an option to apply issue security.

   1. If you wish to always have your project default level set even if your scheme changes, select the Always use default security level option. If you don’t have a default level, this option won’t be available to you unless you manage your scheme.

   2. If you wish to always use another of your levels for this specific request type, select the Use security level other than default option. Levels will be broken into groups to show you what level you are a member of. If you apply a level you are not a member of, you won’t be able to view these issues.

6. Select Apply to save changes.

Set the security level of an issue

To set the security level of an issue:

1. Select an issue.

2. Select Set security level () in the top right corner of the page.

3. Select the appropriate security level for the issue from the drop-down list.