Manage groups for an organization
10 min
Advanced
By the end of this lesson, you'll be able to:
- Assign users to groups
- Explain the impact of adding users to and removing users from groups
Configure groups
Groups are organization-wide collections of users. Editing a group includes adding or removing members.
Groups have several purposes, including:
- Granting product access
- Managing permissions in products
- Changing page access in Confluence
- Advanced workflow configurations
- Sharing filters and dashboards
You can’t delete or empty the org-admins group because an organization requires an org admin. The org-admins group grants product admin and user roles for every product.
Configure default groups
Default groups are created when a product is added. Every product has default groups for each role within the product. An org admin and user access admins can create custom groups if needed.
Every product must have a default access group. Multiple products can use the same default access group.
👇 Click the tabs to explore the default groups for each role.
The default access group for the user role for a product is called <product name>-users-<site name>.
👉 For example: For Jira on the Acme USA site, it would be called jira-users-acmeusa.
As an org admin, you can always change the default access group for each product in your organization. However, you cannot remove a group from being a default access group if it is the only default access group for the product.
The org admin or a user access admin can use several groups as default access groups. You can't use the org-admins group.
It isn't possible to delete a group when it is set as the default access group for a product.
Change group membership
When you remove users from groups, it affects what they can do in Jira.
👇Click the tabs below to explore the impacts of changing group memberships.
A user might gain or lose access to one or more products if the group grants that access.
Best practices for managing groups
- Avoid granting too many groups access to a product.
- Use naming conventions and make sure group names indicate which access they grant.
- Limit the number of org admins and user admins to reduce the risk of groups creation getting out of control.
- Grant access by assigning roles rather than using group memberships.
- Monitor the audit log to be aware of any new groups created.
How was this lesson?
next lesson
Maintain user accounts for an organization
- What are Atlassian user accounts?
- Update user account details
- Prompt a password reset
- Log in as a user