https://your-domain.atlassian.net/rest/api/3/user/permission/searchReturns a list of users who fulfill these criteria: * their user attributes match a search string. * they have a set of permissions for a project or issue. If no search string is provided, a list of all users with the permissions is returned. This operation takes the users in the range defined by `startAt` and `maxResults`, up to the thousandth user, and then returns only the users from that range that match the search string and have permission for the project or issue. This means the operation usually returns fewer users than specified in `maxResults`. To get all the users who match the search string and have permission for the project or issue, use Get all users and filter the records in your code. Privacy controls are applied to the response based on the users' preferences. This could mean, for example, that the user's email address is hidden. See the Profile visibility overview for more details. This operation can be accessed anonymously. **Permissions required:** * *Administer Jira* global permission, to get users for any project. * *Administer Projects* project permission for a project, to get users for that project.
A query string that is matched against user attributes, such as `displayName` and `emailAddress`, to find relevant users. The string can match the prefix of the attribute's value. For example, *query=john* matches a user with a `displayName` of *John Smith* and a user with an `emailAddress` of *johnson@example.com*. Required, unless `accountId` is specified.
This parameter is no longer available. See the [deprecation notice](https://developer.atlassian.com/cloud/jira/platform/deprecation-notice-user-privacy-api-migration-guide/) for details.
A query string that is matched exactly against user `accountId`. Required, unless `query` is specified.
A comma separated list of permissions. Permissions can be specified as any: * permission returned by [Get all permissions](#api-rest-api-3-permissions-get). * custom project permission added by Connect apps. * (deprecated) one of the following: * ASSIGNABLE\_USER * ASSIGN\_ISSUE * ATTACHMENT\_DELETE\_ALL * ATTACHMENT\_DELETE\_OWN * BROWSE * CLOSE\_ISSUE * COMMENT\_DELETE\_ALL * COMMENT\_DELETE\_OWN * COMMENT\_EDIT\_ALL * COMMENT\_EDIT\_OWN * COMMENT\_ISSUE * CREATE\_ATTACHMENT * CREATE\_ISSUE * DELETE\_ISSUE * EDIT\_ISSUE * LINK\_ISSUE * MANAGE\_WATCHER\_LIST * MODIFY\_REPORTER * MOVE\_ISSUE * PROJECT\_ADMIN * RESOLVE\_ISSUE * SCHEDULE\_ISSUE * SET\_ISSUE\_SECURITY * TRANSITION\_ISSUE * VIEW\_VERSION\_CONTROL * VIEW\_VOTERS\_AND\_WATCHERS * VIEW\_WORKFLOW\_READONLY * WORKLOG\_DELETE\_ALL * WORKLOG\_DELETE\_OWN * WORKLOG\_EDIT\_ALL * WORKLOG\_EDIT\_OWN * WORK\_ISSUE
The issue key for the issue.
The project key for the project (case sensitive).
The index of the first item to return in a page of results (page offset).
The maximum number of items to return per page.
{
"success": true,
"data": {
"id": "abc123",
"created_at": "2025-01-01T00:00:00Z"
}
}{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid request parameters"
}
}1curl --request GET \2 --url 'https://your-domain.atlassian.net/rest/api/3/user/permission/search' \3 --header 'accept: application/json' \4 --header 'content-type: application/json'1{2 "success": true,3 "data": {4 "id": "abc123",5 "created_at": "2025-01-01T00:00:00Z"6 }7}https://your-domain.atlassian.net/rest/api/3/user/permission/searchReturns a list of users who fulfill these criteria: * their user attributes match a search string. * they have a set of permissions for a project or issue. If no search string is provided, a list of all users with the permissions is returned. This operation takes the users in the range defined by `startAt` and `maxResults`, up to the thousandth user, and then returns only the users from that range that match the search string and have permission for the project or issue. This means the operation usually returns fewer users than specified in `maxResults`. To get all the users who match the search string and have permission for the project or issue, use Get all users and filter the records in your code. Privacy controls are applied to the response based on the users' preferences. This could mean, for example, that the user's email address is hidden. See the Profile visibility overview for more details. This operation can be accessed anonymously. **Permissions required:** * *Administer Jira* global permission, to get users for any project. * *Administer Projects* project permission for a project, to get users for that project.
A query string that is matched against user attributes, such as `displayName` and `emailAddress`, to find relevant users. The string can match the prefix of the attribute's value. For example, *query=john* matches a user with a `displayName` of *John Smith* and a user with an `emailAddress` of *johnson@example.com*. Required, unless `accountId` is specified.
This parameter is no longer available. See the [deprecation notice](https://developer.atlassian.com/cloud/jira/platform/deprecation-notice-user-privacy-api-migration-guide/) for details.
A query string that is matched exactly against user `accountId`. Required, unless `query` is specified.
A comma separated list of permissions. Permissions can be specified as any: * permission returned by [Get all permissions](#api-rest-api-3-permissions-get). * custom project permission added by Connect apps. * (deprecated) one of the following: * ASSIGNABLE\_USER * ASSIGN\_ISSUE * ATTACHMENT\_DELETE\_ALL * ATTACHMENT\_DELETE\_OWN * BROWSE * CLOSE\_ISSUE * COMMENT\_DELETE\_ALL * COMMENT\_DELETE\_OWN * COMMENT\_EDIT\_ALL * COMMENT\_EDIT\_OWN * COMMENT\_ISSUE * CREATE\_ATTACHMENT * CREATE\_ISSUE * DELETE\_ISSUE * EDIT\_ISSUE * LINK\_ISSUE * MANAGE\_WATCHER\_LIST * MODIFY\_REPORTER * MOVE\_ISSUE * PROJECT\_ADMIN * RESOLVE\_ISSUE * SCHEDULE\_ISSUE * SET\_ISSUE\_SECURITY * TRANSITION\_ISSUE * VIEW\_VERSION\_CONTROL * VIEW\_VOTERS\_AND\_WATCHERS * VIEW\_WORKFLOW\_READONLY * WORKLOG\_DELETE\_ALL * WORKLOG\_DELETE\_OWN * WORKLOG\_EDIT\_ALL * WORKLOG\_EDIT\_OWN * WORK\_ISSUE
The issue key for the issue.
The project key for the project (case sensitive).
The index of the first item to return in a page of results (page offset).
The maximum number of items to return per page.
{
"success": true,
"data": {
"id": "abc123",
"created_at": "2025-01-01T00:00:00Z"
}
}{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid request parameters"
}
}1curl --request GET \2 --url 'https://your-domain.atlassian.net/rest/api/3/user/permission/search' \3 --header 'accept: application/json' \4 --header 'content-type: application/json'1{2 "success": true,3 "data": {4 "id": "abc123",5 "created_at": "2025-01-01T00:00:00Z"6 }7}