Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

External User Access to only one "NEXT GEN PROJECT"

Hello,

We are trying to provide our customer access to one of our Next -Gen Project. The question is, is this possible in next gen version of a project? I am aware that in the classic version, you can add an external user (customer) to a specific project. But I cannot find a way to do it in Next Gen Project.

 

Thank you!

4 answers

Hello, I think the core issue keeps getting missed here. The essential detail is that this process of granting an external user access to a single next-gen project should grant access to no other projects in the JIRA instance. By default it appears to grant this broad access. In testing this, I've found that even following the "share roadmap" process at the top of the next-gen roadmap appears to grant the invited user access to your entire set of projects, which is not clear in the user experience and potentially a near-disastrous outcome in some scenarios. 

Can a product manager at Atlassian please read this. Nobody at Atlassian who has responded to this has actually taken the time to read and understand and investigate the problem.

It is a real problem.

Please?

Hello @Larry

Please, check my answer in the thread above and let me know what is the exact problem you're having so we can properly address it.

We execute projects that are deemed confidential. The projects should be visible only to particular Clients for whom we are executing it. No other clients should see it. 

Can someone among you confirm if this is possible using Next-Gen?

Hello @Ashwin Kumar H M

The clients you mentioned do have a valid JIRA user on your site? If they have, you just need to navigate to your next-gen projects > Details > In the Access field, select private:

Screen Shot 2019-04-01 at 16.13.00.png

Then, add the users that might have access to the project under Project settings > People.

P.S: The users added to the project will be able to view, edit and create issues. For those who are not added to the project, they will not be able to view issues or do anything.

That works only if you have all your projects as next-gen, if not you can't define the projects as private and when you give access to one project the person can see all. 

Like # people like this

Atlassian just refuses to understand what it is you are describing because they are not living this experience.

 

I'm having the same PITA.

Hello @Andres Zunino and @Larry

Sorry to hear you are not being able to configure Next-gen projects as you need. Please, allow me to give an update in this thread:

About this sentence:

That works only if you have all your projects as next-gen, if not you can't define the projects as private and when you give access to one project the person can see all. 

Can you please elaborate a little bit more on what do you mean by "That only works if you have all your projects as next-gen"?

The instructions provided above are only applicable for Next-gen projects indeed since that's what the question is about, however, the fact you have Classic or Next-gen projects in your site does not change its behavior.

While in Next-gen projects you can configure the permissions using the Access field in the project details as mentioned in my last comment (Refer to this documentation),  your permissions in Classic Projects must be configured by the permission scheme, as mentioned in the documentation below:

Managing project permissions 

Additionally, with the implementation of Jira support plans (Free, Standard, and Premium), the permissions for both Classic and Next-gen projects can only be configured for the Standard and Premium plans.

Let us know if you have any specific questions about the information provided above.

This is not helping, i am frustrated with this next-gen and classic project role access permissions workflow.

I want to be able to "by default" stop a user from being able to see everything except the one next-gen project  we choose to add them to., However, he can see all classic projects as well once he logs-in.

Can you create a screen-view demo or article related to this, is it so complicated.

We had a similar problem on our instance recently, which took some effort to resolve, but I think we've got there.

What we had to do was look through the Permissions schemes on our Classic projects and remove the group jira-users from having access — that group being in the Permissions schemes meant that everyone who had an account on our instance could see those projects.

It was dull and tedious work to go through each project and ensure Permissions schemes were correctly configured — generally this meant setting old projects to a scheme that locked everyone out but admins and ensuring that current projects were all on 1 of a small number of schemes, each of which had had the configuration double-checked — but it does mean that we have external users only able to see the projects we want them to.

The documentation around this could definitely bear improvement, but once I got my head round things, it became much more straightforward.

Good luck!

Like # people like this
Like owenblacker likes this

Update: This worked for me, I removed the group private-user-group from Administer Projects under Default permission scheme.

Like owenblacker likes this

Hope you don't mind me piggyback here @Nadeem Bari @owenblacker 

I'm trying to set up Jira in a similar way. We have multiple next gen boards which I have now set to private. However we have a few remaining classic projects I need to ensure are hidden from the external partner we're working with.

In the permissions scheme I'm still unsure of the best approach. I now have two classic projects sharing the same permission scheme.

The external partner as currently configured can see the next gen board I have explicitly provided access to and the two remaining classic projects. Without changing anything they'd be able to view all of the issues and tasks in those projects.

To get around this, do I need to amend the browse project permission or the administer project permission?

@Andrew Dunne I think it's "Browse project" that is the permission you care about here, but you want to ensure that no group containing the external partner can access those projects — it's almost certainly that jira-users can browse the project.

I literally spent most of 2 days resetting Permissions schemes for almost every project in our instance and ensuring that the group privileges were appropriate in every Permission scheme in use.

If you want all your internal users to see all projects (which you might not, tbh), you'd be best to create a group called "Internal users" and grant that the access that you're revoking from jira-users.

I hope that helps; good luck! 😊

Like Andrew Dunne likes this

@owenblacker I think I have it sorted now following your advice. Cheers!

And to any Atlassian PMs monitoring this chat, this has probably been my biggest pain point so far as my company's newly minted Jira admin (by default).

Like # people like this

@Andrew Dunne: Glad to read it 🎉

Hello Jaime,

I hope you are having a nice day.

Next-gen projects permissions work in a similar way that Classic projects, the only difference is that Next-gen projects do not have a permission scheme to set each specific permission in the project, instead, it defines which actions the users will be able to perform by role: Administrator, Member or Viewer.

To restrict your Next-Gen projects to only specific users, you must follow the steps below:

- Navigate to your next-gen projects > Details > In the Access field, select private:

Screen Shot 2019-04-01 at 16.13.00.png

- In the tab people, define which users should be able to access the project, selecting the role you want for them.

For more information about Next-gen projects permission and what permissions are granted by each role, you can refer to the documentation below:

Overview of permissions in next-gen projects

Let us know if this information helps!

Hi Petterson,

Could I ask how you can give access to a user (in a next-gen project), but so they can only see this one project. I work with an agency and want them to be able to see just this one project as a Member. I can't see how to do it in the Next-Gen projects, but know it is possible in other project types.

I have added a user with no access, and then given access to the next-gen project as described above but they are unable to see anything at all. I presume I'm missing something?

I believe this is also what the question above was asking too? But excuse me if I've missed something. "External User Access to only one "NEXT GEN PROJECT"

 

Many thanks

Hello Joe,

If I understand your question correctly, you want a user to only view one specific Next Gen project. The solution I did was to put all existing projects into private mode and added that one user to the project he should have access to. 

In this solution, the user will only be able to view projects that he/she is granted access to.

 

Best Regards,

Jaime Mabini

Like Petter Gonçalves likes this

Thank you for getting back to me Jaime,

Yes, you are right, that I want to be able to "by default" stop a user from being able to see everything except the one or two projects we choose to add them to. I will certainly look into your suggestion, and can see how that works, however, unfortunately, this is an instance shared by many other users across a large org, and I think it will ruffle feathers if I start removing access to all the projects for all users.

Ideally, I need the alternate case whereby everything is visible to everyone, unless they are in a group which is for agancies, and then can only see a few projects.

Any ideas if this is possible?

 

Thank you for you help!

We've the exact same use case. We would like to keep our projects open internally & allow access externally (vendors, consultants, etc.) to specific projects only.

Like # people like this

Agreed ... this is a very common use case which we need to support as well. Clients / external folks need to be restricted to only explicitly identified projects (those users will be in a group) while leaving all projects open to all folks within the company normally (in the normal Jira users group). I can't believe this has been overlooked so far with Next-Gen.

Like Rodney Cowled likes this

This still seems to be a problem, from what I can see…

The "solution" put forward by Atlassian is a non-starter.  Basically, my entire company would have to shut down into private mode so that I can support even one or two projects that has a need to share with a customer.  Nextgen in the current state is not a tool that can be used where I need to share different projects with different customers and keep their views contained and separated.  

There should be a role that can be defined that basically means "no privileges unless explicitly granted by project".  Or maybe that's the default unless a user is associated with a role.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Apps & Integrations

🍻🍂Apptoberfest Update: Upcoming Virtual Events 🎉

Hello Community! I hope you've been enjoying the 🍂Apptoberfestivities🍂 (I know I have!) The event is heating up next week with a series of virtual events that we're calling the 🍻🍂Partner App ...

102 views 1 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you