Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do I Geo-Fence a project?

Jeff Young
Jeff Young
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 8, 2025

I have a client who requires that their data not be accessed or stored outside of the US, and that people outside the US are not able to access it, and US personnel are not allowed to access it while abroad.

If I have Atlassian Guard, and an IDP that can tell where someone is logging in from, is there a way to 1. pass that data to Atlassian guard, and then 2. utilize it to restrict access to a project in Jira?

Answer
Watch
Like # people like this
70 views

2 answers

0 votes
Kieren _SmolSoftware_
Kieren _SmolSoftware_
Contributor
April 12, 2025

Hi @Jeff Young 

I can offer some ideas, but I'm not sure how useful they are without more info:

Both the ideas work on the expcetation that you can add users to specific groups based on their attributes, and configure your projects to give those users access based on their locaion groups. e.g. create a 'location-usa' group and a 'location-eu' group. Only give the location-usa group access to Project X.

So, how do you get the users into each of the groups? Here some ideas:

1. Use the user information you have in your IDP to assign the users into the groups within the IDP. Without more info on which IDP you use, I can't tell if this is possible or not. You could base this off the users IP address, timezone, department, office location, etc...

2. If your users have different email domains, like sony-eu.com and sony-usa.com, use the email domains to move users into the different groups. If your IDP can do this, great! If not, you can use an app like Admin Automations to do it.

3. Manually add new users to these groups, make it part of your IT onboarding process. Depending on how many users you have, and how often you're adding/removing users from your organisation, this could be too much effort.

 

None of these methods meet all 3 of your criteria:

1. their data not be accessed or stored outside of the US

2. people outside the US are not able to access it

3. US personnel are not allowed to access it while abroad

 

#1 At best, you can achieve this by just ensureing you have Atlassian Guard and Data Residency set to US for your entire Jira instance. You cannot do this on a per-project level.

#2 you could achieve by only allowing specific IP address ranges to access your entire Jira instance. You cannot do this on a per-project level. Just as @Charlie Misonne has mentioned above. You could use one of the group methods I listed above to restrict access to a single project.

#3 is similar to #2, you can only achieve this by allowing specific IP address ranges to access your entire Jira instance.

 

One last idea: You could spin up an entire new Jira instance under your current org, just for this customer. Then you can apply all the IP address restrictions to the new Jira instance and not have it affect your other users or projects.

 

I hope some of that helps.

-Kieren

Reply
0 votes
Charlie Misonne
Charlie Misonne
Community Champion
April 8, 2025

Hi @Jeff Young and welcome to the Atlassian Community!

Blocking just 1 project based on location is not possible as far as I'm aware of.

Atlassian allows you to use an IP allowlist but this applies for the entire Jira instance.


Can your IDP reject the authentication when it comes from outside the US?
But again, it will probably be difficult to achieve this for just 1 project.

Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Champions
Copyright © 2025 Atlassian
Privacy Policy Terms Security
Welcome illustration

Welcome to the new Atlassian Community

Online forums and learning are now in one easy-to-use experience.

By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.