Community Announcements have moved! To stay up to date, please join the new Community Announcements group today. Learn more

×
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is there a way to prevent Jira (and Confluence) admins from using the Atlassian MCP server?

Matt Deimler
Matt Deimler July 31, 2025

There is a concern that a Jira user with elevated permissions, like a Jira admin, having access to and using the Atlassian MCP server, creates a risk. In short, we'd like a standard Jira user to be able to use the MCP server, but in some instances, block or prevent a user with elevated Jira permissions from using it. Is that possible?

Answer
Watch
Like # people like this
425 views

2 answers

2 accepted

3 votes
Answer accepted
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 31, 2025

Hi @Matt Deimler 

Welcome to the community.

Going over the documentation, I think not.

https://support.atlassian.com/rovo/docs/getting-started-with-the-atlassian-remote-mcp-server/ 

Within the article, there is a feedback suggestion option, provide your concern there.

But the same applies to the API and elevated user has more permissions than a normal user, this can't be denied to Jria admins as well.

In my opinion people with elevated rights should no the risks based on the elevated permissions they have.

And if it could be limited admins can't use the option, thant wold be strange, not?

View More Comments
Matt Deimler
Matt Deimler August 1, 2025

Thank you for the reply.

Like
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 4, 2025

Hi @Matt Deimler 

Please accept my answer as a solution, if my answer helped to solve your request.

This will help other community member trying to solve the same.

P.S. If the answer is very valuable to you, please share some kudos.

Like
Reply
0 votes
Answer accepted
Vitalii Rybka
Vitalii Rybka
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 1, 2025

Hi @Matt Deimler,

I understand the security concern, but as @Marc - Devoteam mentioned, this would be quite unusual from an access control perspective. Here's why this restriction isn't typically possible:

Technical Reality:

  • MCP server access is tied to API permissions, which admins inherently need for their role
  • Blocking admins from tools that regular users can access breaks the standard permission hierarchy
  • Most enterprise security models assume admins are trusted with elevated access

Alternative Approaches:

  1. Audit & Monitoring - Track MCP server usage through Atlassian Access logs
  2. Role Segregation - Create specialized admin roles with limited API access for day-to-day tasks
  3. Conditional Access - Use IP restrictions or device policies to limit where MCP can be accessed
  4. Approval Workflows - Implement organizational policies requiring approval for MCP usage

Recommendation: Focus on governance rather than technical restrictions. Establish clear policies about when/how admins should use MCP, with regular access reviews and monitoring.

The feedback option Marc mentioned is definitely worth using - Atlassian might consider adding granular MCP access controls in future releases.

What specific risk scenario are you trying to prevent? That might help identify better mitigation strategies.

Feel free to DM me if you want to discuss specific security architectures!

View More Comments
Matt Deimler
Matt Deimler August 5, 2025

Thank you!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security