How to give a guest access to one Jira project only?

Vanessa De Boeck February 19, 2024

Dear

We've added a client of us as a guest user to Jira.

We want to give him access to one specific project, but it seems that he can see other project ánd there tickets too, which is not the purpose.

Could you give me an advise on what I have to change?

Thank you.

Vanessa

4 answers

1 vote
Walter Buggenhout
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
February 19, 2024

Hi @Vanessa De Boeck,

This is a classic issue; As Atlassian promotes openness by default, permissions to projects follow that logic. And so, in the permission schemes of projects you create from built-in templates, you will see the browse project permission being granted to any logged-in user or something like that.

That needs to change. The moment you come to the point where you want to add a first user you want to restrict, it becomes clear that permissions have not been set up with that in mind.

So, this is the time where you should review all permission schemes used for all projects you currently have and remove that any logged in user from the browse project permission and - instead - associate project roles (preferred) or user groups with the permission instead. This may be tricky, as removing the option may lead to people losing their project access, which you need to fix by adding them to the newly assigned roles. This is in fact the scenario for company managed projects.

If you'e also using team-managed projects, all projects that now have open permissions, should be updated to limited or private as well to obtain the same results.

Hope this helps!

1 vote
Mikael Sandberg
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
February 19, 2024

You need to modify you permission scheme or create a new one. By default anyone that have access to Jira would have access to all projects. So in your case I would create a new one and base the access on project roles, that way you can add the user to one of the roles in the specific project and the permission scheme would have that role added to the browse project permission. You can learn more about permission schemes here and here.

You could also take this a step further if you want to limit the issues that the user have access to by using issue security.

0 votes
sumukh February 20, 2024

Hi @Vanessa De Boeck ,

First create a new permission Scheme Specifically tailored for the guest users, Should only have limited access. And next go to the permissions edit the permissions scheme associsated with the project and align with the new scheme created for guest user. Within the permission scehem find specific permissions related to brwosing issues, viewing comments, and other actions. Now ensure that these permissions are set to only allow access to desired project for that group with the guest user.

Now, check your instance handling guest user. They might be part of specific group and make sure that group with association with the guest user is configured to have the restricted permission you have defined for the project. After making these changes, test access with the guest user account so that the associated it correct or not. and Dont forget to Cross-Check other Global level or Project level Permissions to ensure there are no conflicting settings that might unneccesarly grant access to other projects.

Thank You

Sumukh

0 votes
Joseph Chung Yin
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
February 19, 2024

@Vanessa De Boeck -

I agreed with what @Walter Buggenhout / @Mikael Sandberg suggested.  You need to create a custom permission scheme for your project in question.  Afterward, assign the specific user with the appropriate project role for it.  The key permission is "Browse Project" where you need to locked down and ensure this specific user is not associated with any project role/group that the project permission scheme called out.

Hope this helps.

Best, Joseph Chung Yin

Jira/JSM Functional Lead, Global Technology Applications Team

Viasat Inc.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events