Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to limit what project and issues vendors can see and work with

PATRICIA MURPHY
PATRICIA MURPHY
Contributor
April 2, 2025

We have a few vendors that we want to collaborate with using projects in our Jira instance.

Requirements:

Each vendor can only see the project and issues within the project we are collaborating with them in.

No Vendor can see all of the projects within our Jira instance.

 

What I have tried that has not worked.

Steps to create vendor restricted access
1Created a specific vendor Role
2Created a specific vendor group
3

Created a Vendor Restricted Permission Scheme

Notes:

I created a copy of our standard permission scheme then edited groups and roles.

Examples

Browse projects I removed "Any logged in user" and added Project Admins and Team Members

Added the specific Vendor role to: Assignable user, Create issues, Transition issues, Add comments, etc.

4Created a  vendor specific project
4aUsed the Vendor Restricted Permission Scheme
4bAdded the specific vendor group, assigned to the vendor role

I invited 3 testers outside of my org to the specific vendor group, when they logged in with their NEW Jira credentials, they can see everything, all projects all issues.

 

What step did I miss?

Do I need to change all of our standard permission schemes to replace "Any logged in user" with specific groups?

 

Help will be greatly appreciated.

Thanks

Pat

 

Answer
Watch
Like Surbhi Soni likes this
137 views

3 answers

1 accepted

3 votes
Answer accepted
Trudy Claspill
Trudy Claspill
Community Champion
April 2, 2025

Hello @PATRICIA MURPHY 

You said you want the Vendors to see only a subset of your projects.

You said you created a new Permission scheme where you removed the Any Logged In User permission allocations, and added the Vendor specific role.

To which projects did you apply that permission scheme?

If you applied that only to the projects you want your vendors to see, and all the other projects still use a permission schemed that grants access to "Any Logged In User", then that permission scheme on those other projects is configured to allow the vendor users to see them.

To prevent your vendors from seeing projects you need to ensure that the projects they should not see use permission scheme(s) that don't grant permissions to 

Public
Application Access
Any Logged In User 

 

The vendors will be able to see any project where the Browse Projects permission is granted to the above.

You also need to make sure that the vendors are not added to any group or role that is granted the Browse Projects permission in those projects' permission schemes.

To give them access to the projects you do want them to see your use of a vendor group and vendor role is correct. That applies to the projects you do want them to see.

 

All of the above applies to the Company Managed projects in your instance.

 

Another thing to consider is whether or not there are any Team Managed projects in your instance.

Team Managed projects have an overarching Access setting in each project. The options are Open, Limited, and Private.

The Open and Limited options make the projects visible to anybody with access to your Jira product. To prevent the projects from being visible to the vendors the Access setting in each one would need to be changed to Private. With that setting only the users assigned to roles in the Team Managed project can see the project.

View More Comments
PATRICIA MURPHY
PATRICIA MURPHY
Contributor
April 2, 2025

@Trudy Claspill  Thank you very much for your reply.

I am working in our sandbox.

I modified ALL permission schemes currently in use by projects to remove the
Application Access, Any Logged In User and in place of those ,added roles that should have the permission like Project Admins and Team Members.

For the Vendor permission scheme I made sure there were no permissions in it designating  Application Access or Any Logged In User.

We did not have any permissions in any schemes with public.

I then logged in as one of my test users that is part of a vendor group, that is in a project using the Vendor permission scheme, where the specific vendor group has the vendor role. 

I was still able to see all of the projects and issues, I will have a fresh tester check tomorrow and see if they have the same results.

In case it makes a difference, there are a few unused permission schemes that I did not bother to clean up.

Thank you

Pat

Like
Trudy Claspill
Trudy Claspill
Community Champion
April 2, 2025

Can you share with us the details of the Permission Scheme associated with one of the projects the vendors can see but should not be able to see?

Like
PATRICIA MURPHY
PATRICIA MURPHY
Contributor
April 3, 2025

@Trudy Claspill 

Update - So last night when I logged in as one of my test users who is part of a vendor group and I still saw all of the projects and issues was a fluke, maybe because I was logged in with my real account in another browser tab.

The good news is that my fresh testers logged in this morning and can only see Team managed projects and JPD projects which now need to be changed to private.

 

Thank you!

Like
PATRICIA MURPHY
PATRICIA MURPHY
Contributor
April 3, 2025

Thank you again @Trudy Claspill 

The key was to remove Application Access, All logged in users from all of the permission schemes being used in our Jira instance!

Like Trudy Claspill likes this
Reply
0 votes
Bogna Krystian_Deviniti_
Bogna Krystian_Deviniti_
Atlassian Partner
April 3, 2025

Hi @PATRICIA MURPHY 

 If you're interested in Marketplace add-ons, take a look at Issue Sync Pro (developed by the company I work for).

This tool can help by enabling controlled issue sharing between your Jira instance and external vendors without giving them full access to your internal projects. Specifically, you can:

  • Synchronize selected issues with vendors while keeping your internal data private.
  • Define granular permissions, ensuring vendors see only the issues intended for them.
  • Maintain separate workflows while allowing collaboration across Jira instances or projects.

This is a link to IS Pro Support Center  if you want to read more :)

Reply
0 votes
Stevan Mandić
Stevan Mandić
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 2, 2025

@PATRICIA MURPHY  if i understand, you have 3 jira projects and you want each vendor has access to only one project and issue within it?

If that is correct you can have same (standard permission scheme) for all projects and give all the permissions you want to the vendor role you already created.

Then for project 1 in project settings / people, you can add vendor 1 with the Vendor role...

Project 2 - vendor 2 etc ..

 

In the Permission scheme you can define that Vendor Role what the vendor can do...

In the Project 1 project settings /people you can assign particular Vendor or group of Vendor users to the Vendor Role... In that case assigned Vendor(s) 1 will have access only to project 1...

In the permission scheme what the vendor role can do...In People you define who is the vendor for that project.

Make sure that each Project has Private access and only people added by admin have access to it.

 

View More Comments
PATRICIA MURPHY
PATRICIA MURPHY
Contributor
April 2, 2025

Hi @Stevan Mandić 

Thanks for the quick reply, I think I tried what you are suggesting in Step 4.

I created a project for a specific vendor, under people I added the specific vendor group with the vendor role.

I am stumped.

Like
Stevan Mandić
Stevan Mandić
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 2, 2025

1. Are your projects private?

2. Do you use same permission scheme for all projects?

3. Does your permission scheme have only Project roles assigned to certain permissions or User groups too(vendor user group or jira-users or any default jira user group)?

If your permission scheme contains jira user groups:

1.since all created accounts are added automatically to the default jira groups (e g. Jira-users), remove all user groups from permission scheme ( except administrator groups)

2. In your permission scheme, Grant wanted permissions to the Project Roles you have...

3. Assign users or user groups to Project role in each project (project settings/people)

 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.