New Free Guest Access

Hello @Heather Barnes ,

Good day! Welcome to Atlassian Community :)

Please find the answers ton your questions:

Since we only have one SPACE, if I add guests to that space, they can see all projects, right? That's basically how it's set up anyways, so I don't see an issue with this. 

Yes you are right. They will only see the project they are added to

According to the video of the release, I will be able to grant/deny access to components such as adding comments, getting tagged, if they can see sub-tasks, etc.? So basically, they can be treated as a licensed user. If that's the case, what is their access limitation if I only have one space anyways? 

Currently, Guest user can only belong to one Jira software or business space per site. If a guest is already in another space on that site, you’ll need to remove them before adding them to another space.

Is there a config guide on how to set up guest users so I can test if that's the direction we want to go? 

You can refer to these following documents:

• https://support.atlassian.com/jira-cloud-administration/docs/invite-guests-to-jira/
• https://support.atlassian.com/jira-cloud-administration/docs/guest-permissions-in-jira/
• https://support.atlassian.com/jira-cloud-administration/docs/manage-guest-access-in-jira/

Hope this helps. Thank you :)

Hi Heather,

I think your understanding is generally correct, but I would separate the guest access boundary from the work item visibility model.

Guest access limits the person to one Jira space, but once they are in that space, what they can actually see or do is still driven by the space permissions, permission scheme, and any work item security configuration.

So if all HRIS work is in one Jira space and guests are granted broad Browse space or work item visibility, then yes, they may be able to see all work items in that space unless additional controls are configured.

Where I would look is one of two patterns:

1. Permission scheme plus custom user field
   • You may be able to use a custom user field, reporter, assignee, or a similar permission condition so guests only see work items where they are explicitly involved. This can work if the access model is simple, for example, guests can see items where they are listed in a specific field.
2. Work item security or issue security
   • If you need more controlled visibility within the same space, work item security is probably the cleaner route. You could define security levels for different HRIS visibility needs and only include the right users, groups, roles, or user fields in each level. This is preferable if some HRIS items are sensitive and should not be visible to all guests in the space.

So the answer is not just “guests can only access one space.” That is true, but the bigger question is: inside that one space, should they see everything, or only specific work items?

If it is only specific work items, I would test permission scheme rules first, but I would strongly consider work item security if the data is sensitive.

For testing, I would create a test guest user and validate a few scenarios: regular work item, sub-task, item where they are in a custom user field, item where they are not listed, restricted/security-level item, comments, mentions, and tagging behavior.

Hope that helps. I would also be curious to see if Atlassian publishes a more detailed configuration guide for the new guest model.