Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,414,982
Community Members
 
Community Events
170
Community Groups

Permission Scheme for external users - best practices

Hi,
I'm raising this discussion to collect your feedback about a Permission Scheme scenario.

Statements:
- Default Jira Projects are visible to everyone inside the company.
- Some Projects have proper permission scheme due to security and sensitive information (keep this out of the challenge).

Demand:
- We need to have the rule to add and remove external users to Jira Projects.

Challenge:
Build a Permission scheme to face a demand need to have several contractors working in JIRA. One contractor should see only the Jira project required and must not see any other Jira project.

This is a challenge to share your knowledge and experience.

I have my solution implemented and I will share here in a few days...
Let the game begin...

1 comment

Daniel Ebers Community Leader Mar 15, 2020

Hi,
this sounds like a familiar use case that I come across often.

I also know configurations where Jira projects are open for everyone inside the company but not to external staff.

In many cases that I have seen a configuration is used where external staff reporters can see their issues they have raised (utilizing 'Browse Permission').

Additionally on some issues they are put to watchers.

Speaking of project configuration there is always a role for Internal Users and one for External Users. There is also a Members Role.

In case the external user is especially trustworthy he can be put to Members Role for some specific projects. This needs approval by a higher management level (and probably HR, too).

Technically speaking the external staff users are managed by LDAP. They are all in a special "external staff" group. The configuration inside Jira relies on the default settings we crafted. Of course, like described in the beginning of this post, Project Admins are able to fine-tune the permissions for special cases.

Apart from that we assured by reviewing the Permission Schemes that external staff users are not able to promote other external staff users (for example an internal staff member must add another external staff member to watchers if one should be added to the list).
Also some others restrictions are in place, for example the one that external staff members are not allowed to delete comments whereas internal staff members are allowed to do so.
This is more the cherry on the top - it might not be needed in every use case scenario.

Cheers,
Daniel

Comment

Log in or Sign up to comment
TAGS

Atlassian Community Events