Emails are shown in people directory although turned off in security configration.
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
You would like to restrict user email visibility to only for site administrators so it is not publicly visible. To configure we perform the following steps.
To configure User Email Visibility:
- Choose the cog icon
, then choose General Configuration - Choose 'Security Configuration'.
- Choose 'Edit'. The fields on the 'Security Configuration' screen will be editable.
- Select one of the options from the 'User email visibility' dropdown: 'public', 'masked', or 'only visible to site administrators'.
- Choose 'Save'.
Even after doing the above steps the other users (non-admin) can still see the emails which is a security concern.
Environment
7.3.5
Diagnosis
No related errors could be found in the Confluence logs.
Cause
This issue is caused by the "Linchpin User Profiles" plugin.
Solution
The concerned plugin can be disabled and the issue will not occur.