Evaluate permissions without the user in the authentication context as true

Evaluate permissions without the user in the authentication context as true checkbox can be found under secure fields' permissions scheme settings.

Custom fields → Configure → Edit permissions scheme

 

 

What is it for?
Most operations that access issue data (e.g. reading or modifying issues) have a user in the authentication context. It means that access is executed with privileges and on behalf of some particular user.
However, some technical operations are executed without the user in a context, as these operations are not executed by a user but by Jira itself (e.g. sending notifications, event listeners services, custom scripts).

Example: User that is entered in the Secure Single User custom field is set to receive an email notification in a case when particular events occur (e.g. issue creation). If Evaluate permissions without the user in the authentication context as true box is not checked, a user will not be notified. The reason is that the notification generation engine is executed without the user in a context, so our permission engine denies access. If you select this checkbox, it will always allow access and the secure user will be getting notifications.