Learn about security solutions and standards
Care about security? We do too. Learn what Atlassian does and what you can do too.
An anonymous user is anyone who has not logged in to your product. Product administrators can choose to grant anonymous users permission to view or even create content. This is known as public access in Jira and Jira Service Management. About public access
The anonymous access rule allows you to prevent people who are not logged from from viewing issues covered by a data security policy. What is a data security policy?
Who can do this? |
If you haven’t created a data security policy yet, create one now. The anonymous access rule is available for policies that cover that cover products, spaces and projects, or classification levels (Jira only).
To add the anonymous access rule to your policy:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Security > Data security policies.
Select your policy from the list.
Select the Anonymous access rule.
Select Block anonymous access.
Save your changes.
People will not be able to view issues covered by the policy without being logged in to Jira with the appropriate permissions.
When the anonymous access rule is set to Block anonymous access:
People must be logged in to see issues covered by this policy. They can’t view issues in filters, boards, search, or other places issues appear in Jira.
If a user attempts to access an issue covered by this policy via a direct URL they’ll see a prompt to log in.
If a user attempts to access an issue covered by this policy via the REST API, the issue won’t be returned.
When the anonymous access rule is set to Allow anonymous access:
Permission schemes control whether people must be logged in to see issues covered by this policy.
Was this helpful?