Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do I configure private, per-vendor projects?

Anthony Mastrea1
Anthony Mastrean January 25, 2016

We're evaluating JIRA cloud and I have some questions about setting up a specific type of project and permission scheme. We are a application/services shop and will have several projects that all of our teams can collaborate openly on.

However, we also need to setup a project-per-vendor where we can invite limited persons from our various vendors to open issues or respond to our questions. I don't want them to see any of our internal projects or other vendors' projects.

I'm worried that the permissions scheme to maintain this kind of setup will become a nightmare... am I right?

We'd have to maintain an internal-users group, a group-per-vendor, and assign permissions/schemes to view projects like:

  • vendor bar project: internal-users, vendor-foo
  • vendor bar project: internal-users, vendor-bar
  • internal project qux: internal-users

 

Answer
Watch
Like Be the first to like this
566 views

2 answers

0 votes
James Strangeway
James Strangeway
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 25, 2016

Hi Anthony, 

We do this exact thing.  I agree with Phil, if you need really customize what level of permissions you are going to give each vendor, then a role is the best way to do this.  We use a deafult permission scheme, with the default project roles.  We then create groups for each of the project developer and stakeholder groups and assign them the appropriate project role.  I strongly agree with Phil on making sure there are no group or individual permissions assigned in your permission schemes.

Reply
0 votes
Phill Fox
Phill Fox
Community Champion
January 25, 2016

Hi @Anthony Mastrean

You will be pleased to hear that the permissions will not be a nightmare if you configure it right. 

JIRA comes with the concept of user roles on a project. So here is a set of steps for you to work through to make it easy to manage.

 

  1. Add a new role to JIRA "vendor"
  2. Define your shared permissions scheme using is in project role "Vendor" to determine what they can do. Eg Browse/create/edit/add comments etc.
  3. Ensure you also set the appropriate permissions for your internal staff.
  4. Apply your shared permission scheme to each vendor project.
  5. Manage the members of each role for a project to allow them to have access and only access to the right projects.

Couple of things to check 

  1. What is the permission scheme in place for other projects? Make sure this does not include any groups that would allow everyone such as jira-users to see a project.
  2. Make sure that at least the project lead has administer project permission to be able to add people to the different roles.

 

 

View More Comments
Anthony Mastrea1
Anthony Mastrean January 25, 2016

This sounds about right, but requires constant maintenance. Every new internal team member has to be explicitly assigned to the correct group and every new project has to be assigned the correct scheme.

I was hoping there was an explicit feature for privatizing a project or limiting a user's view that required explicit action only on those projects/users.

Like
James Strangeway
James Strangeway
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 25, 2016

Right.  It can require some overhead.  Like each project does require us to create a new group for stakeholders, but we have one dev group for the majority of our projects, which we just have to assign to the developer role.  Does not typically require us to move people in and out of the dev. group.

Like
Phill Fox
Phill Fox
Community Champion
January 25, 2016

Hi @Anthony Mastrean

The management of the approach I suggested is relatively simple (and with the right permissions) is delegated from the system administrator to the project administrator. The only action once it is setup is to add/remove users from the role on the project.

 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.