Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How can I add users to specific projects?

This should be a straight forward topic as ALL other ticketing systems I came across allowed such basic feature in a simple manner, but it seems that is not the case with JIRA. 

 

I need to add users from external companies to specific projects they should be assigned to. These users should only be able to see the content assign to them and not all projects. 

 

I tried many things from the forum and the documentation and nothing worked so far. It is kind of frustrating that such a silly feature would take this much time/effort to be solved. 

 

Does anyone know how to do this?

Grateful for any help.

2 answers

1 accepted

0 votes
Answer accepted
John Funk Community Leader Nov 11, 2019

Hi @Vinicius Ferraz  - Welcome to the Atlassian Community!

You can go to project settings > people and place the users in a project role. Maybe even create a new role for External or something like that.

Then update your permission scheme for that project to grant Browse Project for that project role. 

I hope that helps!

No it didn't 

 

There is only "administrator" role available

 

If I do like you say, when I login with this account I can see all other projects, that is the issue in question

John Funk Community Leader Nov 11, 2019

You will need to create an additional project role at the Jira Systems level. Go to Settings > System, then Project Roles under Security. 

Once you add the new Project Role, then you can assign people to it. And then change your Permission Scheme. Let me know if you have problems. 

Change my permission scheme how? 

John Funk Community Leader Nov 11, 2019

Are you asking where to find the Permission Scheme and how to Edit it? Or are you asking what changes to make when you are editing it?

For the second part, you would add a permission for the Browse Project  permission to allow the new Project Role to see the project. 

You would probably need to do that for Edit Issue, Create Issue, Transition Issue, etc. if you want the External Customer to be able to do those things. 

It doesn't work, the account in question still sees all projects

 

This is how it is setup in the admin page, maybe it is something to do with that?

Screen Shot 2019-11-11 at 3.58.48 PM.png

John Funk Community Leader Nov 11, 2019

Yes, you will need to modify the other existing Permission Schemes to use a different project role for Browse Projects that does not include the External people. 

It's a bit of extra work, but it will function as you would like it to. 

I created a new project role under system > security, I added this role in the project in question, I changed the permissions and I added that role to the project in question as well. The user can still see the other projects. 

Like Ralph Azzi likes this

Vinicius, 

This is likely because Atlassian out-of-the box errs on the side of transparency.  Each project has a default permission scheme -- though, by default it will let ALL jira users access.

To restrict specific users to projects, it is easy enough to create a new permission scheme. You can create a default permission scheme that suits you and you can set it to be defaulted when new projects are created.

The recommended method is to create a scheme that references "project roles".  I typically use only 3 project roles for access: Users, Read-Only, Admin.  Then you can add People (Project Settings -> People) to the correct role.  

Your screenshot above is at the system level - you will need to access project settings.

The above is part of a learning curve - but can be powerful once you have the "aha" moment. 

Hope that helps,

Pete

Aren't there instructions for this anywhere?

John Funk Community Leader Nov 11, 2019

The instructions are just going to tell you have to modify the Permission Scheme. Which you already know how to do. There are no specific instructions on how to setup projects so that External Users can't see them. 

The problem is that Jira is going to place all new users in the jira-users group. Then the default for all new projects typically places the jira-users group in a project role like Users. That project role is then connected to the permission scheme to allow access, such as Browse Projects.

So you either need to edit the people in every project that you have to remove the generic jira-users from any project roles, and then add them in some other way for access. Or you need to modify the existing Permission schemes for each project that you don't want the External Users to have access to. 

The permission schemes you mean are those?

Screen Shot 2019-11-11 at 4.28.29 PM.png

Ah, I got it now, 

So what I did, I edited the global permissions and removed from the options such as "browse projects" the "any logged in user" option, can you confirm if this would be secure?

John Funk Community Leader Nov 11, 2019

Yes, that will work, but you need some mechanism for your internal users to see the existing projects as well. Just check your permission scheme for Browse projects for those. If you can post a screenshot of the Browse Project portion of one of your permission schemes, that would be helpful for guidance.

For your other screenshot above, no that's not the Permission Scheme, that's just the list of Groups available in the User Administration area. 

For the Permission Scheme, go to Project Settings > Permissions.

You are right, now I (and colleagues) cant see the other projects' content. That is how it is currently:

Screen Shot 2019-11-11 at 5.05.23 PM (2).png

So what I did, in the system management I created a group like "full-project-access" and only added internal people, then I added this group to the permissions, it seems to be working :)

Like John Funk likes this
John Funk Community Leader Nov 11, 2019

Yes, so one way to go about this is to create another Group under User Administration, and place all of the non-External Users in this new group. Then add that Group to the Permission Scheme for each item. 

OR you can grant a project Role such as Users to the Permission Scheme for each permission and then place the new Group in the Users project role. 

I would probably do the second one. But then as you create each new project, you will have to remember to add them to the project role, even if you copy the project from an existing project. 

How many users are in your instance? 

John Funk Community Leader Nov 11, 2019

Sorry, was posting my last one when your other one came it. Yes, that should work.  :-)

Yeah now it looks good, thank you immensely guys, it took me the whole afternoon, there are a lot of nonsense instructions online, maybe from older versions. Thanks!

John Funk Community Leader Nov 11, 2019

Great! Glad it is working for you now.  :-)

Vinicius Ferraz, so how your external users are able to gain access to a specific project only? Because under my site organization, I have multiple projects for different end-users.

I have created a new group for every end-user and I have assigned this group to the permission scheme for that specific project.

is this setup correct?

Do I need to assign the group for the different permission sections, or I can use the project permission with administering role?

John Funk Community Leader Dec 06, 2019

Hi Ralph - you will need to update your Permission scheme to grant the appropriate access to the project(s). You can use the group or the project permissions. 

it is working now, I created a group for every project and a permission scheme for every project where external users are members of those groups associated with every project via the permission scheme. It is working 100 %!

John Funk Community Leader Dec 09, 2019

Great - glad to hear that!

I have been struggling with this same issue. I have 3 users that I want to be able to see only ONE project. I created a specific permission scheme and granted access to most permissions other than "Browse users and groups'.  I also created a specific project role with those 3 members.  What else do I have to do in order to grant them access to only the one project?

thanks for your help!

holly

John Funk Community Leader Sep 07, 2020

Hi Holly - Welcome to the Atlassian Community!

You will need to modify all other permission schemes so they don't give access to any groups that the 3 users may be in (like jira-users).

Hi Vinicius,

Have you been able to address this issue? I currently have the same issue and have not yet been able to find a suitable solution. Perhaps you already discovered a manner to address this?


Regards,

Ewout

John Funk Community Leader Jul 15, 2020

Hi @Vinicius Ferraz ,

You can add the user as normal with the Settings > User Management function.

Then create a new group in User Management and add the external users to that group.

Then edit the Permission Schemes of the projects you do not want the users to see by not including the new group in the Browse Projects permission.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Software

How to create Jira issus from Excel file?

When to use CSV importer When managing your processes in Jira, there are many occasions where you need to create a lot of tasks. Creating them one by one will cost you a lot of time and effort and i...

4,469 views 22 32
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you