Privacy: Changelogs and username

accountid
gdpr
jira-cloud
changelog

#1

Hi team,

I’m giving another go to try to remove all the username and userkey lookups from our addon. We are still facing the changelog problem where the changed field data refers to username instead of account ids.

The from and to values on changelogs are usernames instead of accountIds. This is for rest issue responses and webhooks.

image

This issue has been discussed several times but I could not find the active issue/bug/discussion.

https://ecosystem.atlassian.net/browse/ACJIRA-1501
https://ecosystem.atlassian.net/browse/ACJIRA-1510

What’s the plan on this issue? Are you adding some kind of fromAccountId/fromAccountIds and toAccountId/toAccountIds values to the changelog? Please keep in mind multiple user pickers.

At the moment we are patching the events replacing the usernames for account id in order to not store personal data. This workaround requires username lookups.

Could you point me to the current discussion about this issue?

Cheers
Fernando


#2

Hi @fboucquez,
if you add ‘x-atlassian-force-account-id’:true to your REST call header, you’ll receive accountIds instead of usernames in the changelog.


#3

HI @david2,

Thank you for the x-atlassian-force-account-id=true header hint. I thought that was just for fixing the watchers set rest calls. The header did fix the responses in issue requests.

I’m still facing the webhook problem. Changelogs in issue webhooks are still referencing usernames instead of account ids. I’m using the apiMigration flag

image

Our addon mostly relies on incoming webhook to perform a task.

It seems like the API migration flag doesn’t change the webhook body content. Just the JWT arguments, query parameters and it does some descriptor validation.

Do you know how to turn on account id on in incoming webhooks?

Cheers
Fernando


#4

I think that deserves a nice new ACJIRA bug report :slight_smile:
In the meantime, you might have to call the rest API while processing the webhook to grab the correct issue history.


#5

Thanks, @david2!

I have raised https://ecosystem.atlassian.net/browse/ACJIRA-1692

Grabbing the issue history could work but I would need to filter out all the histories keeping the “last one” the given current user has done with some kind of timeframe.

I would like to keep the changelog in the incoming webhook as the source of truth. I would still patch the from/to usernames for now until the issue is fixed.

Cheers!