Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

what are best practices for separating Confluence admins from Jira Service Management projects

Jason Gorman
Jason Gorman December 28, 2020

In our company, Confluence is used as a collaboration platform among different departments and Jira Service Management by the IT department as a help desk ticketing system.  Many people were given the Confluence “Org & Site Admin” role and initially had access to Jira Service Management. To remove that access, I removed “site-admins” from the “jira-administrators” group in Atlassian Admin User Management.  Is that enough to prevent a Confluence site admin from accidentally accessing a project, making changes, or viewing tickets? Should additional steps be taken at the project Permission Scheme level? And how can I be certain that I haven’t overlooked some other way into Jira Service Management?

Answer
Watch
Like Be the first to like this
475 views

1 answer

1 accepted

1 vote
Answer accepted
Walter Buggenhout
Walter Buggenhout
Community Champion
December 29, 2020

Hi @Jason Gorman,

It's important to understand the way product and project/space access work across the different Atlassian products you have on board, look at your current setup and maybe redesign certain things from the ground up. Too many people being granted admin rights is a common mistake unfortunately, but can be fixed.

Confluence and JSM are different products, so licensed access (and the associated costs) are managed separately for each product. Navigate to your site's user management and check out the product access page. You will see which groups are granted access to which product (Confluence and JSM being listed separately).

Use the default groups there to grant people there license - this is normally done by default when you grant product access. For Confluence this normally is confluence-users, for JSM jira-servicedesk-users.

It is quite normal to have your site admins have product access as well, as it is their main role to administer the products. If you have too many admins, reducing that number is usually the right thing to do. 

On a final note, JSM is somewhat special in terms of access. Users with a Jira Software license will also be able to access projects (with limited permissions) if they are granted permissions in a project. But that does not go for Confluence users.

So in summary:

  • remove the site admin permissions for people who shouldn't have them
  • check the product access for JSM and Confluence in your site's user management
  • product access is separate for Confluence and JSM
  • product access grants people a license to use a product
  • Jira Software users can view issues in a JSM project if they are granted access to that project; that goes not for Confluence users.
View More Comments
Jason Gorman
Jason Gorman December 29, 2020

Thank you for the detailed posting.  It was very helpful.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.