Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Forge Application overrideScreenSecurity.

Alan Oh
Alan Oh July 28, 2023

Hi,

Objective: I have a hidden field called "syncId" this field shouldn't be in the issue details view therefore I need to use the overrideScreenSecurity to populate the field.

I have tested using Scriptrunner the PUT method is fine, but when I tested it with forge it says that I have to have the Browse Project permission and to do it I also need to be JIRA Admin.

I have Added myself in my own instance as a JIRA Admin and ensure that I also have the browse and edit premission to perform the action.

I tried the same code with fields that are in the Screen Scheme but when the fields are not in the screen scheme or any screen It just keep throw 403. 

Error Message recieved
"Connect app users with "admin" permission and Forge apps acting on behalf of users with ADMINISTER permission can override screen security."

what could be the problem ?

Code Src index.jsx
------------

Screenshot 2023-07-28 at 4.25.25 PM.png

------------

YML file:

------------
permissions:
scopes:
- read:jira-user
- read:jira-work
- write:jira-work

------------

If anyone have any idea of what is going on please help me, thanks I have been stuck with this issue for a week now.

regards,

Alan.

 

Answer
Watch
Like John Funk likes this
1379 views

2 answers

1 accepted

0 votes
Answer accepted
Alan Oh
Alan Oh September 5, 2023

Hi All,

I hope this helps those who have encountered this issue or want to use overrideScreenSecurity.

I have solved this by:

Changing a little of my code to use asApp() instead of asUser() also including. ALL the manage, read and write permission scope in to the yml file. I believe the attachment can help you get the answers you are looking for as well.

Screenshot 2023-09-05 191025.pngScreenshot 2023-09-05 191203.png

I have deployed my code and it is functioning as it should be.

View More Comments
Wortho
Wortho
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 31, 2023

I finally got this working thanks for this snippet. For anyone that is struggling, you cannot do this on create new issue (despite the doco saying you can). Create the issue and then do an update to the custom field as shown here and it works in /api/3 too.

Like
Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 28, 2023

Welcome to the Atlassian Community!

Your Forge application is not logging in with a user who has permissions in that project.

View More Comments
Alan Oh
Alan Oh July 31, 2023

Hi Nic,

So that means, I have to add an Authroization in the header ?
I tried with Basic and Bearer before doing it this way

headers : {

    'Content-Type' : 'application/json',

    'Accept' : 'application/json',

    'Authroization': 'Basic <base64Token> or Bearer <base64Token>'

}

so the base64Token format is email@token ? 

Thanks for assisting in this matter

Like
Alan Oh
Alan Oh August 13, 2023

please advise

Like
Alan Oh
Alan Oh August 13, 2023

Hi Nic,

After some checking in the atlassian admin site for my instance. All my users are set to administrators of the jira instance, my permissions are as administrators  and my 3 users have, Org admin, Site admin and Jira admin permissions. 
What is missing.

I do not understand what am I doing wrong. Is it possible to provide me with a snippet of the code so that I can debug my code and perform the workaround. 
Thank you so much for assisting in this matter.

Regards,
Alan

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 14, 2023

Admin rights mean admin, they do not mean you have any access to the projects.  Check that your users have browse project, and edit rights in it as well.

Like
YY Brother
YY Brother
Community Champion
August 16, 2023

Hi Nic, I didn't get what you meant either. Could you please explain it more details about your suggested solution?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.