Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to give a new group of users access to only a single project, and prevent access to others?

Tomislav Maric
Tomislav Maric May 18, 2018

I'm running a JIRA instance where the application users group is set up as per default, and everyone has access to everything within the organization.

Now there is a need to introduce a new group of users that should only have access to some projects.

How best to deal with this?

Answer
Watch
Like Be the first to like this
1861 views

2 answers

1 vote
Gezim Shehu [Communardo]
Gezim Shehu [Communardo]
Community Champion
May 18, 2018

Try adding a permission schema based on project roles. This can be applicable across different projects.

Create a new user group and add the members you want.

 

Let's say

Role "Core Team"

Configure permission schema that "Core Team" has:

  1. Browse Issues Permission
  2. Assign Issue Permission
  3. Create Issues Permission
  4. Assignable Permission
  5. and whatever else you need

For "Project 1" , go to Users and roles and add "New_Group" under "Core Team" project role.

This would ensure that all members of "New_Group" have the permissions assigned above.

View More Comments
Tomislav Maric
Tomislav Maric May 18, 2018

OK, yes, but if every member of the New_Group must also be a member of the jira-users-group in order to be logged into the instance, every member of the New_Group will have the permissions given to the jira-users-group: they will be able to see every other project, which is what I want to prevent.

Like
Gezim Shehu [Communardo]
Gezim Shehu [Communardo]
Community Champion
May 18, 2018

That is a different case, but easily solvable.

 

First of all setting up permissions for Application Access Groups (i.e jira-users-group), imo is definitely wrong. Please revise that.

 

Second, for you exact scenario, go to JIRA -> Applications -> Applications Access and add "New_Group" under JIRA Software or Core, depending on what you're using.

This way members of this group will also have access to JIRA, but by not being members of jira-users-group.

 

Don't worry about duplicate. JIRA doesn't count duplicate or disabled users towards the license limit.

Like
Tomislav Maric
Tomislav Maric May 18, 2018

OK, thanks!

 

Why do you think that the application acess as set up per default by Atlassian for the jira-users-group are wrong?

Like
Gezim Shehu [Communardo]
Gezim Shehu [Communardo]
Community Champion
May 18, 2018

Application Access is OK. Though in case of multiple, well even few, users - my suggestion is to go by groups, example

JIRA_Users_Dep1

JIRA_Users_Dep2

,etc

 

and give Application Access to that group.

 

What I'm saying is that you should not configure permissions based on jira-users-group.

jira-users-group should not be able to see every project. Specific cases of public instances might be ok, but even than some restrictions are required.

 

Instead a better approach is using Project Roles. That's it's purpose.

jira-users-group should be able to view only public projects, even than the permission is set to Any logged in user and not the group specifically.

 

Cheers

Like
Tomislav Maric
Tomislav Maric May 18, 2018

I understand. Thanks a lot for the detailed answer!

Like
Gezim Shehu [Communardo]
Gezim Shehu [Communardo]
Community Champion
May 18, 2018

Glad to help

Like
Reply
1 vote
Praveen
Praveen
Contributor
May 18, 2018

Hi, 

You have to create user group and add them to the project.

Check the below link,

https://confluence.atlassian.com/adminjiraserver071/managing-groups-802592332.html

-Praveen

View More Comments
Tomislav Maric
Tomislav Maric May 18, 2018

OK, but should this group be a sub-group of jira-software-users group? If it is, then the members of this sub-group have automatically access to all other projects, which is what I want to prevent. These are the default permissions of the jira-software-users group listed in the documentation.

Like
Praveen
Praveen
Contributor
May 18, 2018

Hi, 

You can check the below link for instructions. The user has the exact same request.

https://community.atlassian.com/t5/Jira-questions/How-do-I-add-a-user-and-allow-them-access-to-only-one-project/qaq-p/723506

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security