Can not search by exact email address when Profile Visibility is not Anyone
We are using /rest/api/2/user/search to find the accountId by the exact email address.
We are calling this REST endpoint by an add-on user, as we would like to find the user that should be impersonated.
The problem is that /rest/api/2/user/search does not return any result when PVC is set to anything different from "Anyone".
We would respect the PVC settings, we do not want to see the email address, but we would like to find the corresponding accountId by the exact email address.
Even worse, if we try to execute searching as an admin user instead of the add-on user, we do not found users who set PVC to "Only me and admins".
For this latter case we executed search as an admin:
However, the result should be the account for email@example.com
Our impression according to this, that searching by exact match should have to work:
If privacy setting are not applied then you can search on any field but this issue was when privacy settings are applied. And we only apply privacy setting if:
In api call user pass the apply_privacy_settings=true OR
if we have added the user to feature flag.
since privacy has not yet been rolled out in production.
Anyway it has been tested and confirmed that it is working fine so all good.
Sorry, we do not understand 100% your last comment, can you please clarify how it should work exactly?
Deployed the changes to prod-east. Since this code will only trigger if `privacy_settings` are used. There are 2 ways of doing it 1) pass `apply_privacy_settings=true` in the search request or 2) We add the user with product in our feature-flag so search will apply privacy settings by default. Please let us know which way will you prefer
As far as I remember, it was working some weeks ago.
First when I found search is not working, I asked it on developer community: https://community.developer.atlassian.com/t/user-search-with-email-gdpr-impacts/27953/5
Then I saw it was working until now.
Hope this helps.