Prevent anonymous access

An anonymous user is anyone who has not logged in to your product. Product administrators can choose to grant anonymous users permission to view or even create content. This is known as public access in Jira and Jira Service Management. About public access

The anonymous access rule allows you to prevent people who are not logged from from viewing issues covered by a data security policy. What is a data security policy?

Add the anonymous access rule to your policy

If you haven’t created a data security policy yet, create one now. The anonymous access rule is available for policies that cover classification levels (Jira only).

To add the anonymous access rule to your policy:

1. Go to admin.atlassian.com. Select your organization if you have more than one.

2. Select Security > Data security policies.

3. Select your policy from the list.

4. Select the Anonymous access rule.

5. Select Block anonymous access.

6. Save your changes.

People will not be able to view issues covered by the policy without being logged in to Jira with the appropriate permissions.

What will my users experience?

When the anonymous access rule is set to Block anonymous access:

• People must be logged in to see issues covered by this policy. They can’t view issues in filters, boards, search, or other places issues appear in Jira.

• If a user attempts to access an issue covered by this policy via a direct URL they’ll see a prompt to log in.

• If a user attempts to access an issue covered by this policy via the REST API, the issue won’t be returned.

When the anonymous access rule is set to Allow anonymous access:

• Permission schemes control whether people must be logged in to see issues covered by this policy.