Can we restrict user(s) to ONLY see their assigned project?

Deleted user February 21, 2020

In JIRA Cloud, Can we restrict user(s) to ONLY see their assigned project? We dont even want them to see any project other than assigned one - not even read-only.

Is this possible ? In JIRA Admin I haven't seen anything to support this...

Thanks!

-Steve

2 answers

1 accepted

1 vote
Answer accepted
Stephen Wright _Elabor8_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
February 22, 2020

Hi @[deleted]

Richard is correct - adjusting the permission scheme in your instance will resolve this. You'll need to be a Jira Admin and then do this:

  1. Go to Jira Settings > Issues > Permission Schemes
  2. Review the Permission Scheme(s) in use within your instance. You'll need to edit each of these for it work for all projects.
  3. Press the "Permissions" hyperlink in the right-hand column next to a permission scheme
  4. Next to the permission "Browse Projects", press Remove
  5. Remove anything such as "Application Access - Any Logged in User" or "Group - jira-software-users" or similar - effectively global groups giving users access to the platform
  6. Next press Edit next to "Browse Projects" and select to grant this role to a Project Role - such as "Developers".

^ This means that users will no longer see every project in your instance. They will need to be granted the role "Developers" in each project they need to see (via Project Settings > People) - if that's just one, they'll only see that one specific project. 

See more about permission schemes on this page, and if you need help using and creating new project roles, use this page.

Ste

Deleted user March 26, 2020

Thanks for the detailed steps!

4 votes
Deleted user February 21, 2020

Steve, this can be done by adjusting the Project's permission for "Browse Projects" to only include certain roles (by default I think it might include "any logged in user").

In my case, I've assigned specific Project Roles the "Browse Projects" permission, and then assigned the users/groups to the Project and given them the Project Role that contains the "Browse Projects" permission.

This way, only users in that project with that role will see that project.

Let me know if that makes sense.

Deleted user March 26, 2020

Yes, thank you!

Heba Salem February 20, 2024

hi 
I just did the same and users still can see all projects

I added all project roles to browse projects hoping that they should only see projects where they have roles at but this is not the case 

Stephen Wright _Elabor8_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
February 23, 2024

Hi @Heba Salem 

There's a few factors this depends on...

  • Are these Team-managed or Company-managed Projects?
  • Are there any Groups with access to the Browse Project permission?

Ste

Heba Salem February 26, 2024

it's company managed 
no but the project roles has default users (groups)

Stephen Wright _Elabor8_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 2, 2024

Hi @Heba Salem 

If one of the Project Roles is assigned to a Group which all users or a majority of users are in - then the Group membership will allow those users project access.

You can either...

  • Remove the Groups from relevant Projects which need to have restricted access, or...
  • Remove the Groups as a default on new Projects - to do this, you'll need to be at least a Product Admin, and then...
    • Go to Settings (cog icon, top-right) > System
    • Select Project Roles from the left-hand menu
    • Select the hyperlink Manage Default Members next to the relevant project role
    • Remove the Group(s)

Note: The second option only works for new Projects - you'd still need to remove the Groups from roles in existing Projects.

Ste

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events