Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Whats the difference between the ADMINISTER and SYSTEM_ADMIN permission in JIRAs API?

James Dumay
James Dumay
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 31, 2011

Whats the difference between the ADMINISTER and SYSTEM_ADMIN permission in JIRAs API?

Watch
Like # people like this
836 views

2 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

2 votes
mlassau_atlassian
mlassau_atlassian
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 1, 2011

An "Admin" can do most anything except operations that could potentially compromise the security of the underlying operating system.
As a corollary, an Admin may not do any action that could elevate their own or someone else's privileges to that of "SysAdmin".

Historically the distinction was created for the "JIRA Studio" hosted suite.
(See JRA-13282)
Hosted customers are able to create "admin" accounts, but "sysadmin" privilges are reserved for Atlassian and hosting partners.

Reply
2 votes
spuddy ಠ_ಠ
spuddy ಠ_ಠ
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 31, 2011

The differences between these two permissions are covered in the Global Permissions documentation.

Users with the SYSTEM_ADMIN permission can do any administrative action.

Users with the ADMINISTER permission can perform most administrative actions. Some exclusions include configuring SMTP, importing/exporting etc.

The intent of the separate ADMINISTER permission is that organisations may want to delegate tasks like user management to a group of people, without allowing them to do "system" administration actions (actions that might compromise the security of functioning of the host).

View More Comments
James Dumay
James Dumay
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 31, 2011

So if I were checking to see if someone had PROJECT_ADMIN should I check for ADMINISTER and SYSTEM_ADMIN too?

Like
spuddy ಠ_ಠ
spuddy ಠ_ಠ
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 31, 2011

Yes you have to check for both, permissions don't inherit/piggyback off other permissions.

Like
Reply
Atlassian logo
Answers Developer Questions
TAGS
AUG Leaders

Atlassian Community Events

    See all events