Delta Guard: API

Delta Guard API allows administrators to protect Jira custom fields by controlling visibility and edit permissions. It also manages how existing field history is handled when moving between protected and unprotected states.

Endpoints v2

Base URL:
<jiraBaseUrl>/rest/dsr-custom-field-protector/2

1. Protect a Custom Field

POST /cf-migration/{fieldId}/protect

Transform a custom field into its protected form. You can choose how to handle its history and configure permissions per context.

Path Parameters

Name	Description	Example

Name	Description	Example
fieldId	Custom field ID to protect	`10601`

Request Body

Field	Description	Allowed Values

Field	Description	Allowed Values
historyAction	How to handle existing public history	`LEAVE` (keep public), `REMOVE` (delete), `CONVERT` (apply new permissions)
contexts	List of field config/context IDs	Array of IDs `["10204", "10206"]`
permissionData	List of permission definitions (see CFPermissionGrant)	JSON array

Responses

200 – Custom field successfully protected
400 – Invalid request (bad historyAction, invalid context, already protected)
403 – User is not an administrator
404 – Field not found

Example

POST: http://localhost:8080/rest/dsr-custom-field-protector/2/cf-migration/10601/protect
Body:
{
    "historyAction": "LEAVE",
    "contexts": ["10703"],
    "permissionData": [
        {
        "subject": {
            "type": "any",
            "key": "any"
        },
        "access": "VIEW",
        "type": "ALLOW"  
        }]
}

Unprotect a Custom Field

POST /cf-migration/{fieldId}/unprotect

Convert a protected field back to its unprotected version.

Path Parameters

Name	Description	Example

Name	Description	Example
fieldId	Custom field ID to unprotect	`10404`

Query Parameters

Name	Description	Allowed Values

Name

Description

Allowed Values

historyAction

How to handle protected history

REMOVE (delete),

CONVERT (make public)

Responses

200 – Field successfully unprotected
400 – Invalid request (bad historyAction, already unprotected)
403 – User is not an administrator
404 – Field not found

Example

POST http://localhost:8080/rest/dsr-custom-field-protector/2/cf-migration/10404/unprotect?historyAction=CONVERT

Endpoints v1

Base URL:
<jiraBaseUrl>/rest/dsr-custom-field-protector/1

1. Protect a Custom Field

POST /cf-migration/{str_fieldId}/protect

Transform a custom field into its protected form. You can choose how to handle its history and configure permissions per context.

Path Parameters

Name	Description	Example

Name	Description	Example
str_fieldId	Custom field ID to protect	`customfield_10601`

Request Body

Field	Description	Allowed Values

Field	Description	Allowed Values
historyAction	How to handle existing public history	`LEAVE` (keep public), `REMOVE` (delete), `CONVERT` (apply new permissions)
contexts	List of field config/context IDs	Array of IDs `["10204", "10206"]`
permissionData	List of permission definitions (see CFPermissionGrant)	JSON array

Responses

200 – Custom field successfully protected
400 – Invalid request (bad historyAction, invalid context, already protected)
403 – User is not an administrator
404 – Field not found

Example

POST: http://localhost:8080/rest/dsr-custom-field-protector/1/cf-migration/customfield_10601/protect
Body:
{
    "historyAction": "LEAVE",
    "contexts": ["10703"],
    "permissionData": [
        {
        "subject": {
            "type": "any",
            "key": "any"
        },
        "access": "VIEW",
        "type": "ALLOW"  
        }]
}

2. Unprotect a Custom Field

POST /cf-migration/{str_fieldId}/unprotect

Convert a protected field back to its unprotected version.

Path Parameters

Name	Description	Example

Name	Description	Example
str_fieldId	Custom field ID to unprotect	`customfield_10404`

Query Parameters

Name	Description	Allowed Values

Name

Description

Allowed Values

historyAction

How to handle protected history

REMOVE (delete),

CONVERT (make public)

Responses

200 – Field successfully unprotected
400 – Invalid request (bad historyAction, already unprotected)
403 – User is not an administrator
404 – Field not found

Example

POST http://localhost:8080/rest/dsr-custom-field-protector/1/cf-migration/customfield_10404/unprotect?historyAction=CONVERT

3. Apply Permissions to a Field Context

POST /permissions/{fieldId}/{configId}

Replace existing permissions for a field context.

Path Parameters

Name	Description	Example

Name	Description	Example
fieldId	Custom field ID	`10010`
configId	Field context ID	`10204`

Request Body
List of CFPermissionGrant objects in JSON format.

Responses

200 – Permissions applied successfully (returns applied permissions list)
400 – Invalid request
403 – User is not an administrator
404 – Field or context not found

Example

POST http://localhost:8080/rest/dsr-custom-field-protector/1/permissions/10200/10300
Body:
[
    {
      "subject": {
        "type": "group",
        "key": "jira-administrators"
      },
      "access": "VIEW",
      "type": "ALLOW"
    },
    {
      "subject": {
        "type": "group",
        "key": "jira-administrators"
      },
      "access": "EDIT",
      "type": "ALLOW"
    }
]

4. Get Permissions for a Field Context

GET /permissions/{fieldId}/{configId}

Retrieve permissions for a specific field context.

Path Parameters

Name	Description	Example

Name	Description	Example
fieldId	Custom field ID	`10010`
configId	Field context ID	`10204`

Responses

200 – Returns list of applied CFPermissionGrant
400 – Invalid request
404 – Field or context not found

Example

GET http://localhost:8080/rest/dsr-custom-field-protector/1/permissions/10200/10300

5. Get Permissions for a Field (All Contexts)

GET /permissions/{fieldId}

Retrieve all permissions across contexts for a protected custom field.

Path Parameters

Name	Description	Example

Name	Description	Example
fieldId	Custom field ID	`10010`

Responses

200 – Returns JSON object with contexts and applied permissions
403 – User is not an administrator
404 – Field or context not found

Example

GET http://localhost:8080/rest/dsr-custom-field-protector/1/permissions/10200

Response:

{
  "10201": [
    { 
      /* CFPermissionGrant */ 
    },
    { 
      /* CFPermissionGrant */ 
    }
  ],
  "10202": [
    { 
      /* CFPermissionGrant */ 
    }
  ]
}

Entities

Field Config vs Context

FieldConfig: Jira’s internal term
Context: The label displayed in the Jira admin UI

You can find field contexts in:
Administration → Issues → Custom Fields → Actions → Configure

CFPermissionGrant

Represents a permission granted to a subject for accessing a protected custom field.
Each grant defines whether the subject is allowed or denied specific access.

Field	Description	Allowed Values

Field	Description	Allowed Values
access	Type of access	`VIEW`, `EDIT`
type	Permission action	`ALLOW`, `DENY`
subject	The target entity to which the permission is applied.	Subject Type	Key
		`any`	`any`
		`user`	User key (`JIRAUSER10000`)
		`group`	Group name (`jira-administrators`)
		`user_field`	Field ID (`assignee`)
		`group_field`	Field ID (`customfield_11402`)
		`project_role`	Role ID (`10100`)

Example Permission List

[
    {
      "subject": {
        "type": "any",
        "key": "any"
      },
      "access": "VIEW",
      "type": "ALLOW"
    },
    {
      "subject": {
        "type": "user",
        "key": "JIRAUSER10000"
      },
      "access": "VIEW",
      "type": "DENY"
    },
    {
      "subject": {
        "type": "group",
        "key": "jira-administrators"
      },
      "access": "VIEW",
      "type": "DENY"
    },
    {
      "subject": {
        "type": "user_field",
        "key": "assignee"
      },
      "access": "EDIT",
      "type": "ALLOW"
    },
    {
      "subject": {
        "type": "group_field",
        "key": "customfield_11402"
      },
      "access": "EDIT",
      "type": "ALLOW"
    },
    {
      "subject": {
        "type": "project_role",
        "key": "10100"
      },
      "access": "EDIT",
      "type": "ALLOW"
    }
]