Hi @Kari Styles ,

as long as a user has the Browse Project permission in project-A, this user will access the Zephyr app within the project-A.

Unfortunately there's no way to separate those actions:
granting access to the project (view and search issues)
and
granting access to Zephyr within the same project (access to some features, see example below).

Example

Your Organization want to limit access to the Zephyr data of project-A to a specific user/project role/group- named 'testing team', but want also that another user/project role/group can only search for issue in project-A for reporting purposes - named 'marketing team'.

So, you need to grant the Browse Project permission to 'marketing team' (in the JIRA permission scheme associated to project-A), if you want that the team can search for issue in this project and run the available reports; BUT the team will also have access to Zephyr within the project-A, so it'll be able to performe some tasks:

• View and search tests
  
  
• View Cycle Summary
• Create test cycles
  
  
• Create, edit, delete folders
• View test executions
• Manage execution filters
  
  (Reporting)
• View Test Summary
• View Test Metrics
• View Traceability Matrix
  
  
• Create/Edit/Delete automation tasks (A.T.O.M.)

In many real scenarios, there are project roles/groups that need view-only access to the project for their work, but Zephyr for Jira Cloud does not provide any configuration to exclude them from accessing and performing some tasks in Zephyr within the same project.

Setting a standard procedure and sharing it within the Organization is a valuable option to limit the risk of undesired action on test cycles, folders or automation tasks.

Hope this help! :-)

Does anyone want to share her/his experience on Zephyr permissions?

Regards,
Giulia