How to limit project access for unwanted project users? People and internal access difference.

Vera Valshonok
Contributor
March 24, 2024

Hi Community!

 

I am planning on Jira Cloud migration and when doing test, a project became visible for the customers that were not supposed to see it. ITs related to project access we believe. 

 

In some service project when casing people to a project its called Inten all access where I can set a project access to private but in our project is say People instead of internal access and I don't see where i can make a project access private.

 

How can i limit project access and  what does it depend on in service projects when it says People or Internal access?

 

Thanks in advance!

2 answers

2 accepted

3 votes
Answer accepted
Walter Buggenhout
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 24, 2024

Hi @Vera Valshonok, when coming from server to cloud, there's an important new thing to get to know. Jira cloud has 2 types of projects: team and company managed. Company managed projects are more or less the same as you know from server: they are configured using schemes and have the capability to share a configuration across multiple projects. In these projects, you will find permissions (with the permission scheme you're used to from server) and people (where you can assign users/groups to the roles from your permission scheme). Team managed projects do not exist on server and they are an attempt to make setting up a project easier so "any user can do this"They have some cool new features here and there, but don't share settings with other projects and have simplified versions of configuration in most cases. When you see a project or documentation referring to open / limited / private access, this is a team managed project. Whenever you open a project in cloud, you should see what type of project it is near the bottom right corner of your screen.

I strongly recommend to read up on the differences between these type of projects, so you can determine to what extent you are willing to allow people to set up either type within your cloud site. This support article may be a good starting point; but definitely also check the linked articles about e.g. migrating between the two types, as that article lists some of the clear differences through the risk of data loss.

So, after that introduction: if you migrate a project from server to cloud, it will always be company managed. If you read about configuring things, always verify if the documentation is about the correct project type. Otherwise you may indeed read things you don't see in your project setup.

Finally, setting up access in Jira Service Management has multiple layers. There are global settings as well as separate settings for each JSM project and these impact each other.

This support article explains how you can manage the global access settings for JSM customers. These can be internal customers (people who work for your company) or external ones (folks from other organisations you work for or even individuals who find your portal on the internet).

Screenshot 2024-03-24 at 10.29.03.png

Who can access your JSM projects is configured inside your projects. But the global access settings may have an impact on the behaviour you see in your project. This support article explains how the global settings may impact project access.

Screenshot 2024-03-24 at 10.31.54.png

Hope this helps!

Vera Valshonok
Contributor
March 24, 2024

Thank you for such a detailed answer. We are moving cloud to cloud, the project we are migrating is Service management, not team - managed project and we want to keep it as is, but I don't see an option to make it private for project users in order to fix the issue so that the project will be showing for not relevant users in the portal.

Walter Buggenhout
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 24, 2024

Just assuming that your project is company managed (JSM does have team and company managed projects too), in project settings > customer permissions select restricted.

Then, the users / groups you add to the Service Desk Customer role on the project settings > people tab should see the portal in your help center. Other users should not see it.

0 votes
Answer accepted
Joseph Chung Yin
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 24, 2024

@Vera Valshonok -

To supplement what @Walter Buggenhout stated, you can setup and control which projects are exposed in the portal UI based on your users (customers) by changing the configuration for each project's Customer Permissions UI (Project settings >> Customer Permissions's Channel Access setup "Restricted" or "Open" (see following reference link - https://support.atlassian.com/jira-service-management-cloud/docs/change-project-customer-permissions/ for details)

If it is "Restricted", project admins and agents will control who are invited to the project.  If customers are not called in the project as "ServiceDesk Customers" role, then he/she will not see the project(s) in the portal UI, thus cannot interact with those projects at all.

Here are a few other important reference links that you need to fully understand on permission controls for the Cloud env -

Hope this also helps.

Best, Joseph Chung Yin

Jira/JSM Functional Lead, Global Technology Applications Team

Viasat Inc.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events