Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Customer Was Given Access

Hello. I hope someone can help. An external customer somehow was given access to our Jira instance.  He was in there twice and I revoked him. How did this happen?  How can I see how he got access in the first place?  

7 answers

Suggest an answer

Log in or Sign up to answer
2 votes
Oday Rafeh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Mar 17, 2023

@Clare Lawson 

To investigate how an external customer gained access to your Jira instance, follow these steps:

Check user invitation history in User Management.
Review project and group permissions.
Examine application access settings.
Look at the audit log under System > Audit Log.

To prevent unauthorized access in the future:

Regularly update user access permissions and group memberships.
Enable two-factor authentication (2FA).
Restrict access to specific IP addresses, if possible.

Hi Clare,


1. users can invite the external users through project level like when you are assign the issue, in that place you will get invite user option based on that user can invite the external user.

2. invite the user into the project level using people invite in the left bar.

3. Invite teammate or sharing the issue.


As per my understanding, you want to restrict the users cannot invite the customers into the Jira. For that i have a solution to restrict the user invites.

1. Go to  - user management

2. Click on products 

3. In the Products - user access settings

4. Navigate to user invites

5. In that we have two columns like product and existing user permissions

6. suppose Jira software is the product then choose -- "don't allow invites" in existing user permissions. so that anyone cannot invite the users to the product. 

7. this option is not available in your setup then reach out to support and enabled by them and that option is free of cost.


Hope you got the exact solution.

Thank you

It depends which kind of product licence you have, if you have  just basic jira SW, then the audit log you can find in jira in the settings menu systems (there depends on your settings you can either see the user who gave the access or just user = jira - 3 months back in the basic).

You also may have settings of the domain open without admin approval - atlassian admin -> products -> user access settings - any domain...

Screenshot 2023-03-17 at 22.04.47.png

On the upper right hand corner go to the settings then if you have elevated admin access you can see who added when and if the user's activity...Hope that helps! 

Atlassian in their wisdom introduced in their opinion a wonderful way for user set up. 

This has allowed users from anywhere to set up accounts unless you have updated your settings from the default they set.  

I have had several conversations about this with Atlassian as we do not allow as have a process and our security were not happy. 

They still introduced it as do not care. 

Please check here for the settings that should help you lockdown as much as you can

Hello! Depending on your instance settings, you could search through the audit log to see if it happened somewhere in the last 3-6 months. You would be able to see the date when the user was given access and who provisioned the access to that user. 

0 votes
Michael Thompson
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Mar 17, 2023

Did you check the audit logs to see if someone added this user to the instance? Go to Administration, Security -> Audit logs.

if you have this extra paid feature...

AUG Leaders

Atlassian Community Events