Currently, we’ve set apiMigration in our atlassian JSON as followed and also setting x-atlassian-force-account-id
header in REST API request,
"apiMigrations": {
"gdpr": true
}
With respect to above change we get user in following format,
[
{
"self": "https://test.atlassian.net/rest/api/2/user?accountId=31738123jkjkdiasdasd",
"accountId": "31738123jkjkdiasdasd",
"emailAddress": "my.mail@test.com",
"avatarUrls": {
"16x16": "https://avatar-cdn.atlassian.com/35fd4f306f0268c5e645506728fc790c?s=16&d=https%3A%2F%2Fsecure.gravatar.com%2Favatar%2F35fd4f306f0268c5e645506728fc790c%3Fd%3Dmm%26s%3D16%26noRedirect%3Dtrue",
"24x24": "https://avatar-cdn.atlassian.com/35fd4f306f0268c5e645506728fc790c?s=24&d=https%3A%2F%2Fsecure.gravatar.com%2Favatar%2F35fd4f306f0268c5e645506728fc790c%3Fd%3Dmm%26s%3D24%26noRedirect%3Dtrue",
"32x32": "https://avatar-cdn.atlassian.com/35fd4f306f0268c5e645506728fc790c?s=32&d=https%3A%2F%2Fsecure.gravatar.com%2Favatar%2F35fd4f306f0268c5e645506728fc790c%3Fd%3Dmm%26s%3D32%26noRedirect%3Dtrue",
"48x48": "https://avatar-cdn.atlassian.com/35fd4f306f0268c5e645506728fc790c?s=48&d=https%3A%2F%2Fsecure.gravatar.com%2Favatar%2F35fd4f306f0268c5e645506728fc790c%3Fd%3Dmm%26s%3D48%26noRedirect%3Dtrue"
},
"displayName": "Aakash [QMETRY]",
"active": true,
"timeZone": "Asia/Kolkata",
"locale": "en_US"
}
]
This response is proper and as per our expectation. Now, it’s possible for user to restrict apps from accessing their displayName, timeZone or locale as stated in following link,
https://developer.atlassian.com/cloud/jira/platform/api-changes-for-user-privacy-announcement/
I’ve done changes in my profile as depicted in following screenshot.
However, even after doing such change the REST API do return all the details, worth to note that I’m trying to access user details from different user’s account. So, either I am missing anything here or the REST API is ignoring the privacy settings for now. It would be really appreciated if anyone can help to do privacy changes so that REST APIs stops returning the user personal data.