I'm new to administrating jira and I'm trying to find a way of granting access to selected projects for external partners.
Can you please give me some guidance, as I could't find the solution by trying out, nor in the documentation (not for cloud, at least).
Thanks in advance and best regards,
Hi @Jakob B_
For the team-managed projects, the Access permissions are set on a per-project basis, so you can add the users in Project Settings > Access, and choose their level of permissions. You can see more on team-managed project permission levels here.
For the company-managed projects, the permissions are set in the permission scheme used by the project. Here is what I would do for the company-managed projects:
thank you for your response. As I feared it seems like there is no solution for my issue without adapting all existing projects and the security concept in general. Let me please just sum that up and, if you could be so kind, double-check if I've missed an important security aspect.
Provided everything is correct as I have described: How would I protect my colleagues from accidentally sharing team managed projects with external people, apart from standard procedures and trainings? I know, administrating defaults would conflict with the team-managed attempt. On the other hand, I cannot expect users of team-managed projects to understand the importance of the permissions structure.
@Jakob B_ Yeah that all looks correct to me - when you say 'that would be the default', do you mean you would make this change on the default Jira permission scheme? If you do, then great - I would recommend this so that whenever a new project is created, external users wouldn't be able to access it.
I don't think there is a way to block certain users from being added to team-managed projects. You would hope that this wouldn't be done accidentally, as a project admin would need to manually type in the user's name or email address and assign them a role/permission level, so hopefully they would know if the user is internal or external
thank you for being so helpful and sorry for my late response. Yes, the plan is to make the mentioned changes on the default Jira permission scheme. Just one more question, as I have not yet started with the implementation: would the change of default permissions scheme also have an effect on team-managed projects? Because if not, it wouldn't be very helpful for my organisation.
Thank you, @Callum Carlile _Automation Consultants_
I'm just thinking about the consequences for my organization.
Suppose I would implement everything as said before: I have external users with product access and I have adapted all project permissions so that they can only see the one project they are contributing to.
Now, any of my colleagues will start a new team-managed project. He or she might not know about the need to restrict permissions in order to exclude all external users from their project. I see a real danger of accidentally sharing sensitive information.
Hi community 👋, as every Monday we're bringing you a quick update on what happened in the Atlassian ecosystem last week. There were a few interesting events like for example the announcement of th...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events