Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

External User Access to only one "NEXT GEN PROJECT"

Jaime Mabini
Jaime Mabini March 29, 2019

Hello,

We are trying to provide our customer access to one of our Next -Gen Project. The question is, is this possible in next gen version of a project? I am aware that in the classic version, you can add an external user (customer) to a specific project. But I cannot find a way to do it in Next Gen Project.

 

Thank you!

Answer
Watch
Like Rodney Cowled likes this
2012 views

4 answers

12 votes
hansbjordahl
hansbjordahl March 6, 2020

Hello, I think the core issue keeps getting missed here. The essential detail is that this process of granting an external user access to a single next-gen project should grant access to no other projects in the JIRA instance. By default it appears to grant this broad access. In testing this, I've found that even following the "share roadmap" process at the top of the next-gen roadmap appears to grant the invited user access to your entire set of projects, which is not clear in the user experience and potentially a near-disastrous outcome in some scenarios. 

Reply
0 votes
Larry
Larry September 16, 2020

Can a product manager at Atlassian please read this. Nobody at Atlassian who has responded to this has actually taken the time to read and understand and investigate the problem.

It is a real problem.

Please?

View More Comments
Petter Gonçalves
Petter Gonçalves
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 17, 2020

Hello @Larry

Please, check my answer in the thread above and let me know what is the exact problem you're having so we can properly address it.

Like
Reply
0 votes
Ashwin Kumar H M
Ashwin Kumar H M January 13, 2020

We execute projects that are deemed confidential. The projects should be visible only to particular Clients for whom we are executing it. No other clients should see it. 

Can someone among you confirm if this is possible using Next-Gen?

View More Comments
Petter Gonçalves
Petter Gonçalves
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 13, 2020

Hello @Ashwin Kumar H M

The clients you mentioned do have a valid JIRA user on your site? If they have, you just need to navigate to your next-gen projects > Details > In the Access field, select private:

Screen Shot 2019-04-01 at 16.13.00.png

Then, add the users that might have access to the project under Project settings > People.

P.S: The users added to the project will be able to view, edit and create issues. For those who are not added to the project, they will not be able to view issues or do anything.

Like
Andres Zunino
Andres Zunino March 27, 2020

That works only if you have all your projects as next-gen, if not you can't define the projects as private and when you give access to one project the person can see all. 

Like # people like this
Larry
Larry September 14, 2020

Atlassian just refuses to understand what it is you are describing because they are not living this experience.

 

I'm having the same PITA.

Like
Petter Gonçalves
Petter Gonçalves
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 17, 2020

Hello @Andres Zunino and @Larry

Sorry to hear you are not being able to configure Next-gen projects as you need. Please, allow me to give an update in this thread:

About this sentence:

That works only if you have all your projects as next-gen, if not you can't define the projects as private and when you give access to one project the person can see all. 

Can you please elaborate a little bit more on what do you mean by "That only works if you have all your projects as next-gen"?

The instructions provided above are only applicable for Next-gen projects indeed since that's what the question is about, however, the fact you have Classic or Next-gen projects in your site does not change its behavior.

While in Next-gen projects you can configure the permissions using the Access field in the project details as mentioned in my last comment (Refer to this documentation),  your permissions in Classic Projects must be configured by the permission scheme, as mentioned in the documentation below:

Managing project permissions 

Additionally, with the implementation of Jira support plans (Free, Standard, and Premium), the permissions for both Classic and Next-gen projects can only be configured for the Standard and Premium plans.

Let us know if you have any specific questions about the information provided above.

Like
Nadeem Bari
Nadeem Bari November 24, 2020

This is not helping, i am frustrated with this next-gen and classic project role access permissions workflow.

I want to be able to "by default" stop a user from being able to see everything except the one next-gen project  we choose to add them to., However, he can see all classic projects as well once he logs-in.

Can you create a screen-view demo or article related to this, is it so complicated.

Like
owenblacker
owenblacker November 24, 2020

We had a similar problem on our instance recently, which took some effort to resolve, but I think we've got there.

What we had to do was look through the Permissions schemes on our Classic projects and remove the group jira-users from having access — that group being in the Permissions schemes meant that everyone who had an account on our instance could see those projects.

It was dull and tedious work to go through each project and ensure Permissions schemes were correctly configured — generally this meant setting old projects to a scheme that locked everyone out but admins and ensuring that current projects were all on 1 of a small number of schemes, each of which had had the configuration double-checked — but it does mean that we have external users only able to see the projects we want them to.

The documentation around this could definitely bear improvement, but once I got my head round things, it became much more straightforward.

Good luck!

Like # people like this
Nadeem Bari
Nadeem Bari November 24, 2020

jira_bug.png

Like owenblacker likes this
Nadeem Bari
Nadeem Bari November 24, 2020

Update: This worked for me, I removed the group private-user-group from Administer Projects under Default permission scheme.

Like owenblacker likes this
Andrew Dunne
Andrew Dunne November 25, 2020

Hope you don't mind me piggyback here @Nadeem Bari @owenblacker 

I'm trying to set up Jira in a similar way. We have multiple next gen boards which I have now set to private. However we have a few remaining classic projects I need to ensure are hidden from the external partner we're working with.

In the permissions scheme I'm still unsure of the best approach. I now have two classic projects sharing the same permission scheme.

The external partner as currently configured can see the next gen board I have explicitly provided access to and the two remaining classic projects. Without changing anything they'd be able to view all of the issues and tasks in those projects.

To get around this, do I need to amend the browse project permission or the administer project permission?

Like
owenblacker
owenblacker November 25, 2020

@Andrew Dunne I think it's "Browse project" that is the permission you care about here, but you want to ensure that no group containing the external partner can access those projects — it's almost certainly that jira-users can browse the project.

I literally spent most of 2 days resetting Permissions schemes for almost every project in our instance and ensuring that the group privileges were appropriate in every Permission scheme in use.

If you want all your internal users to see all projects (which you might not, tbh), you'd be best to create a group called "Internal users" and grant that the access that you're revoking from jira-users.

I hope that helps; good luck! 😊

Like Andrew Dunne likes this
Andrew Dunne
Andrew Dunne November 26, 2020

@owenblacker I think I have it sorted now following your advice. Cheers!

And to any Atlassian PMs monitoring this chat, this has probably been my biggest pain point so far as my company's newly minted Jira admin (by default).

Like # people like this
owenblacker
owenblacker November 26, 2020

@Andrew Dunne: Glad to read it 🎉

Like
Reply
0 votes
Petter Gonçalves
Petter Gonçalves
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 1, 2019

Hello Jaime,

I hope you are having a nice day.

Next-gen projects permissions work in a similar way that Classic projects, the only difference is that Next-gen projects do not have a permission scheme to set each specific permission in the project, instead, it defines which actions the users will be able to perform by role: Administrator, Member or Viewer.

To restrict your Next-Gen projects to only specific users, you must follow the steps below:

- Navigate to your next-gen projects > Details > In the Access field, select private:

Screen Shot 2019-04-01 at 16.13.00.png

- In the tab people, define which users should be able to access the project, selecting the role you want for them.

For more information about Next-gen projects permission and what permissions are granted by each role, you can refer to the documentation below:

Overview of permissions in next-gen projects

Let us know if this information helps!

View More Comments
Joe Hankin
Joe Hankin May 21, 2019

Hi Petterson,

Could I ask how you can give access to a user (in a next-gen project), but so they can only see this one project. I work with an agency and want them to be able to see just this one project as a Member. I can't see how to do it in the Next-Gen projects, but know it is possible in other project types.

I have added a user with no access, and then given access to the next-gen project as described above but they are unable to see anything at all. I presume I'm missing something?

I believe this is also what the question above was asking too? But excuse me if I've missed something. "External User Access to only one "NEXT GEN PROJECT"

 

Many thanks

Like
Jaime Mabini
Jaime Mabini May 21, 2019

Hello Joe,

If I understand your question correctly, you want a user to only view one specific Next Gen project. The solution I did was to put all existing projects into private mode and added that one user to the project he should have access to. 

In this solution, the user will only be able to view projects that he/she is granted access to.

 

Best Regards,

Jaime Mabini

Like Petter Gonçalves likes this
Joe Hankin
Joe Hankin May 22, 2019

Thank you for getting back to me Jaime,

Yes, you are right, that I want to be able to "by default" stop a user from being able to see everything except the one or two projects we choose to add them to. I will certainly look into your suggestion, and can see how that works, however, unfortunately, this is an instance shared by many other users across a large org, and I think it will ruffle feathers if I start removing access to all the projects for all users.

Ideally, I need the alternate case whereby everything is visible to everyone, unless they are in a group which is for agancies, and then can only see a few projects.

Any ideas if this is possible?

 

Thank you for you help!

Like
Rodney Cowled
Rodney Cowled October 21, 2019

We've the exact same use case. We would like to keep our projects open internally & allow access externally (vendors, consultants, etc.) to specific projects only.

Like # people like this
Christian Jungers
Christian Jungers December 5, 2019

Agreed ... this is a very common use case which we need to support as well. Clients / external folks need to be restricted to only explicitly identified projects (those users will be in a group) while leaving all projects open to all folks within the company normally (in the normal Jira users group). I can't believe this has been overlooked so far with Next-Gen.

Like Rodney Cowled likes this
Owen Blacker
Owen Blacker April 28, 2020

This still seems to be a problem, from what I can see…

Like
Joe Pliss
Joe Pliss January 19, 2021

The "solution" put forward by Atlassian is a non-starter.  Basically, my entire company would have to shut down into private mode so that I can support even one or two projects that has a need to share with a customer.  Nextgen in the current state is not a tool that can be used where I need to share different projects with different customers and keep their views contained and separated.  

There should be a role that can be defined that basically means "no privileges unless explicitly granted by project".  Or maybe that's the default unless a user is associated with a role.

Like
Stefan Grob
Stefan Grob April 7, 2023

yes @Joe Pliss - i absolutely agree with you. i have the same problem, i have to shut down the company in private mode... hei atlassian-team: are you working on a better solution for this?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events