Not able to update the Custom Field on jira issues

Hi,

I’ve a jira app which creates a read-only custom field when installed. I’m trying to update this custom field through the rest API (/rest/api/3/issue/{issueIdOrKey}), but I get http 400 Bad Request as response. When I hit the issue editmeta endpoint(rest/api/3/issue/{issueIdOrKey}/editmeta), I’m not getting this field in the response. Probably I’m missing something in the configuration of this custom field.
Can someone help me out here or point me to the relevant docs?

Thanks,
Nawaz

Hey @NawazPasha ,
there is an experimental REST entry point to update the fields:
https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-issue-custom-field-values--apps-/#api-rest-api-3-app-field-value-post

Thanks @a.yessipovskiy for your response. It says in the docs that this endpoint can be hit only from the forge app.
However, my requirement is to update the field which is created by forge app through some other system. From the docs, I couldn’t establish whether it is possible or not!

Oh I see. I kind of missed the part in your question. There is this experimental entry point, but would require you to sign the request accordingly: https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-issue-fields/#api-rest-api-3-field-fieldid-put

Is that what you are looking for?

No, its me. I think I failed to explain it clearly.
There is a custom field created by the forge app. I want to update the value of this custom field from a different system. In this other system, I’ve the credentials to invoke the APIs.
I’m not seeing this custom field in the updatable field list returned as response by rest/api/3/issue/{issueIdOrKey}/editmeta

Hi @NawazPasha,

Caterina here from Atlassian. I have a few comments about this for you.

Let me start by sharing what stood out to me:

  • this is a Forge app which is adding a custom field
  • the field is read-only
  • the /rest/api/3/issue/{issueIdOrKey} fails with a 400

The ultimate goal is to attempt to update the custom field added from the Forge app via a REST API called by an external system.

If this is all correct, the short answer is that this is currently not possible. Let me share my research and sources with you.

The https://developer.atlassian.com/platform/forge/manifest-reference/modules/jira-custom-field/ page states that read-only fields are not editable via the Edit issue REST API.

The way to update them is to use the POST /rest/api/2/app/field/value (documented here: https://developer.atlassian.com/cloud/jira/platform/rest/v2/api-group-issue-custom-field-values--apps-/#api-rest-api-2-app-field-fieldIdOrKey-value-put page) this is only available in the context of Forge apps.

I’m checking with a few people to understand if there are more details that I can share and I’ll keep you posted.

When attempting to update such field using the REST API outside of a Forge app like:

  --url 'https://<site>/rest/api/3/app/field/value' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{
  "updates": [
    {
      "issueIds": [
        11059
      ],
      "value": "low",
      "customField": "customfield_10073"
    }
  ]
}'\
--basic --user '<email>:<token>'

The response I get is:
{"errorMessages":["Only apps can access this resource (impersonated requests are not allowed)."],"errors":{}}

Regarding your comments, I also want to add that:

  • the most common reason for the field not being returned in the rest/api/3/issue/{issueIdOrKey}/editmeta or in the GET /rest/api/3/issue/{issueIdOrKey}?expand=editmeta in the editmeta section is that the field is not visible in the Edit screen. This guide has the steps to show them: Add a custom field to a screen | Atlassian Support
  • the 400 usually indicates a problem with the way the API is called or one of the following condition is happening as documented on the PUT /rest/api/2/issue/{issueIdOrKey} end point under the 400 status code:
  • the user does not have the necessary permission to edit one or more fields.
  • the request includes one or more fields that are not found or are not associated with the issue’s edit screen.
  • the request includes an invalid transition

Let me share the example I’ve been using today, these will result in an expected 400 status code:

  --url 'https://<site>/rest/api/3/issue/{issueIdOrKey}' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{
    "fields": {
    "customfield_10073": "low"}
}'\
--basic --user '<email>:<token>'

This will return a {"errorMessages":[],"errors":{"customfield_10073":"Field does not support update 'customfield_10073'"}} if the field is marked as read-only.

If the field is not read-only and visible on the edit screen, the update via REST API will succeed. If, instead, the field is not visible on the edit screen but still not read-only, the following error message is returned {"errorMessages":[],"errors":{"customfield_10073":"Field 'customfield_10073' cannot be set. It is not on the appropriate screen, or unknown."}}.

I hope this clarifies a few things here. Please let me know if you have any follow up questions and I’ll let you know if I have any updates for you.

Thank you,
Caterina

1 Like

Hi @ccurti ,

Thanks for taking time to answer this in detail.
I do now understand that there is certain technical limitation because of which one cannot update the value of custom field created by forge apps from any external system using REST API.

Exact requirement and some background:

  1. Forge app once installed by the user in their Atlassian account, creates a read-only custom field
    a. The reason behind keeping the field read-only is to dis-allow any manual, unintentional or accidental updates by the jira users.
  2. One of our products is integrated with Jira Cloud (through basic auth as well as OAuth 2.0)
  3. When user performs a specific operation in this product, we need to update the custom field (which is created by the forge app) of a particular jira issue with some information.

And I’m receiving the below error message with http status 400 on hitting the PUT endpoint /rest/api/3/issue/{issueIdOrKey}

{
    "errorMessages": [],
    "errors": {
        "customfield_10033": "Field 'customfield_10033' cannot be set. It is not on the appropriate screen, or unknown."
    }
}

FYI, this setup is something we already have in place for the Jira server and plugin combination from quite sometime and it works without any problem. Hence expected it for cloud too.

Thanks,
Nawaz

Hi @NawazPasha,

Thank you for the additional context. It’s very helpful.
You are right that the error message you posted will correspond to a 400 status code. I didn’t pay attention to the status code when testing this scenario but I can confirm that’s the expected status code in this scenario.

I’m saying that this is expected after checking the PUT /rest/api/2/issue/{issueIdOrKey} documentation which states the following as a possible reason for a 400 response (see highlighted text):

I’ve update my response to clarify this.

I’m still discussing which options are available with our engineers and I’ll revert back once I know more.

Thank you,
Caterina

2 Likes

Hi @NawazPasha,

Thank you for your patience here. While there isn’t an ideal solution here, an option that you could consider is to use a Jira expression as validation to define which users will be allowed to edit the fields.

There are a few important points to highlight though:

  • The field will not appear as read-only in the UI but an error message will be shown to the users when attempting to save the updated field value
  • The validation expression is used both when using the UI and when using the REST API, this means that the users allowed to perform the operation via the REST API will also be able to edit the field in the UI.
  • While it is technically possible to have a user as the validation expression, this value is provided in the manifest.yml and cannot be defined at runtime. As you can imagine, this could only work if every customer installs a different version of the app. The only alternative is to configure the expression to check for a member of one of the default group (e.g. site-admins, administrators or jira-administrators) to be allowed to edit the field. There is one more caveat here which is that these groups could be removed from Jira by the customer, so the documentation would need to specify that the group has to be available for the app to work.

In practice, this is how to set this up in the manifest.yml:
The jira:customField module is set as readOnly:false and the group of the users allowed to perform the change is set as expression: user.groups.includes('administrators').

  jira:customField:
    - key: custom-field-app
      name: Custom Field
      description: A custom field in Forge
      readOnly: false
      type: string
      validation:
        expression: user.groups.includes('administrators')
        errorMessage: Editing of this field is restricted

And just in case you believe that defining a user in the expression might also work, the expression would look like expression: user.accountId == "<AccountId>"

Let me know what you think and if there are any questions.

Caterina

@NawazPasha were you able to get around this limitation? If you did, would you please share the approach? Thanks!

For those attempting to set a custom field of type labels through the REST API that are getting this issue. Try moving the configuration outside of the fields key and into update, like so:

{
  "fields": {
    // your other fields
  },
  "update": {
    "customfield_10029": [
      { "add": "ANY_VALUE" }
    ]
  }
}

That did the trick for me.

1 Like