How do I configure users so they can only see 1 project?

In JIRA you need to move away from using 'users' in your project permission schemes, and refer to roles, then you can define a per-project access group in the roles required.

In Confluence you need to remove 'users' as a default access group, and require the same per-space group membership for access.

Hi @Joe Murray, 

I faced the same issue as most of you did. 

To all the Atlassian Community Managers - please stop denying that it is complex.

The fact that there at least 3 threads (!) that are miles long where people have been asking the same "How Can I Add Client to ONE project ONLY" questionfrom 2013 until today (!) with ZERO people reporting issue resolution after receiving your instructions is on it's own.. ridiculous.

The only good step-by-step instruction that can actually help is this video from Atlassian: https://youtu.be/wvdVNpgG34M (I actually downloaded the video file since I'm afraid it will be deleted at any point). After spending hours reading through the threads and multiple failed attempts to follow text-based instructions - this was the only one that helped me to resolve the issue. Mind you, it is 4:30 long and includes over 12 high-level steps (and please do not go into counting actual 'actions' or 'clicks') to get this working. 

If you are aware of any other threads other then the ones mentioned below - please spread this message across to help other users:

1. https://community.atlassian.com/t5/Jira-questions/How-do-I-add-a-user-and-allow-them-access-to-only-one-project/qaq-p/641554
2. https://community.atlassian.com/t5/Jira-questions/How-do-I-configure-users-so-they-can-only-see-1-project/qaq-p/332248
3. https://community.atlassian.com/t5/Jira-questions/How-do-I-add-a-test-user-external-client-to-Confluence-JIRA/qaq-p/657251

I really hope this helps all of you. 

Thank you,

P.S. After you have the issue solved (hopefully) - please check comments on this video. It's a good laugh. + Atlassian Community Managers - you should also check those comments if you're going to attempt to reply to this with a "we have the video, it's awesome and easy" ..  IT IS NOT and the fact that you even came up with a VIDEO instruction kinda says it all.

The default in Atlassian products is to use a group (jira users for example) to say "can log in". That's fine, but their default permission scheme then says "let jira users see this project". That means the default is anyone with a login can see everything.

You need to remove that - only use Jira-users for "can log in" and anything you truly want to be global.

Once you've unpicked that, then you need to put people back into the projects (as removing jira-users will remove their visibility). I'd heavily recommend the use of Roles here, as Andy says.

Yeah, for a company trying to "scale down", it seems like a clusterf*ck, even when adding Confluence pages, it opens in a browser window.

For a business owner, your clients do not want to be part of a process that is complex and confusing. It is intimidating for clients when all you need is "approved."

Clients don't want to sign up for more crap they have to learn how to use.

As a business owner, all I really need is simple: ability to create a process, ability to create tasks/subtasks, ability to have visibility of progress of projects/tasks, and most important...ability for the client to "approve" that task or asset...without having to sign up for a jira account.

That's nice they add the permissions and modify roles,  but it does not solve the biggest issue: how to make it a seamless, easy process for your clients.

They really need to expand Jira into a Jira that also has trello/confluence visible on the same page without having to switch.

You have to put the "Browse All Projects" permission on lockdown with a Project Role and then assign user groups to that project role on a per-project basis.

I wrote a blog post about it 

https://projectbroadway.atlassian.net/wiki/spaces/MW/pages/1854308485/Discovering+Jira+user+management