Best practice: Access automation to Confluence/Jira using ServiceNow (user vs groups)

Jeramie Anders
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
February 2, 2024

What is best practice for managing access requests to Confluence and Jira? We have roughly 1,000 Jira users across 75 projects and 3,000 Confluence users across 270 active spaces.

Do you provide access to each user individually?

Do you create access groups (ie. Site Owner, Site Editor, Site Viewer) for each space/project?

If requirements allow do you create access groups (ie. Site Owner, Site Editor, Site Viewer) and have those provide access to multiple spaces/projects?

We are looking to create catalog items in ServiceNow to automate access requests. If we do individual user access, it would be easier for site/project owners to self service access in some cases but permission management may be too complex?

What has everyone seen work well? Any lessons learned you to share?

1 answer

0 votes
Brant Schroeder
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 21, 2024

@Jeramie Anders welcome to the Atlassian community

I would suggest taking a couple of the free classes in Atlassian university that go over permissions.  Here is some documentation on permissions as well:

My suggestion would be to do the following:

  1. if you are using your own authentication method (SSO) is there a way to add groups in your authentication systems that could be placed on users based on their position / role. Then have those groups come over on the account.  Then you can apply those groups to specific projects, spaces, and applications and not have to manage everything at the project and space level.  This is what we do.  Try to automate as much as possible and then have requests for the areas that fall outside of this area.
  2. You could use groups that admins maintain but this will be a lot of overhead on a small group of individuals and would be harder to maintain.  It does make it a little easier to audit.
  3. Project and space level permissions makes the administration of the access more dispersed and more people can help manage it.  

For both 2 and 3 you could look at making an automation in servicenow by calling the Atlassian api that would put the user in a group or a project role via the service.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events