Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

How can I assign external users to different projects so that they can't see other projects?


I created 5 different projects so far and everything went well. Those 5 projects will be assigned to different customers. 2 projects for customer A, 2 projects for customer B and 1 project for customer C. So there will be internal colleagues and different external users.
I added 5 members to JIRA software as users. 4 members are internal colleagues and one member is an external person who belongs to customer A. 

Now here is my issue. I want this external person only to see the two projects for customer A. After that I want to onboard more external persons for customer B and the same for customer C.

I'm pretty sure that is has something to do either with roles or groupes

Administration>users: the person (customer A) has a "standard" role and belongs to the group "jira-software-users" but no further restrictions.

I'm not an experienced user therefore please comment as detailed as possible so that I can follow. I hope that someone has a good and easy idea to solve the problem. Let me know when you have questions.

2 answers

2 accepted

1 vote
Answer accepted
Mike Rathwell Community Leader Oct 28, 2020

Hi @Steffen Kappes ,

You are 2/3 right with it having something to do with roles and/or groups. To go the extra bit, you would be, then, setting up a permission scheme to provide that further security. 

A good discussion can be found here

BUT, rather than just throw you to the wolves, as it were, here are some thoughts from a "been there, broke that, got the t-shirt" kinda guy.

  • Set up your groups first with each of the different customer humans in those. This gives you easy grouping of users in each customer as they come and go.
  • Set up a group explicitly for your internal colleagues (or whomever should be able to see all the projects)
  • Set up the permission scheme with at least browse permission to a definitive Jira project role. Make sure you leave some human or group of humans (probably not your customers) able to do administer/deeper things with the project
  • Add both your common internal humans and the relevant group of humans to the definitive Jira role you assigned in the permission scheme. 

I recommend the "Member" role for the use above just because it is a good mnemonic. But.... now you have your overall group able to see in all the projects, each human for specific projects only able to see their project, a single permission scheme that you can apply to any new project and need only create the group of discrete humans to add to a role to make it all the same.

0 votes
Answer accepted
Flavien Gache Community Leader Oct 28, 2020

Hello Steffen.

For what you want to do, you need to do two things. In my opinion, you can do as follows.

First, you need to create a permission scheme. A permission scheme is linked to a project. It allows you to control who can do what in that project. I suggest you create one for each of your project. You can copy paste the default one and make one for each project. You can also make the same for everybody. Don't worry : it does not imply that everybody will have the same rights on every project even though the same permission scheme is on every project.


Screenshot 2020-10-28 at 16.39.37.png

Screenshot 2020-10-28 at 16.42.29.png

For that, we will use Roles to manage your permissions. You can say for example that if somebody is in the Developer Role for project A, he/she can browse it and see it. If he is not, he won't see anything.

Let's say we have Albert, which is part of project A. I set my permission scheme so that only people in the Developer Role can see the project and work on it. Then, i switch the current permission scheme of project A to associate my brand new permission scheme.

After it, i go to project settings in Project A. I go to the People tab and add Albert in Developer Role. Albert is now able to work on project A. 

Note that Roles are independent for every project. That means that, in my previous example,  given that I set a similar permission scheme for project B and C, Albert won't see anything from project B and C because I did not add him in any role for that projects.

I let you try for the configuration of the permission scheme. Don't hesitate to tell me if you still need help.

Thanks a lot! I appriciate your screenshots and your explanation.

Tagging on here... so if I have Project A that consists of both internal and external users, I should only make 1 group "called A" because I'm not seeing how you can give permissions to more than 1 group (internal and external) under these settings.  Is that correct?

Suggest an answer

Log in or Sign up to answer
Site Admin
Community showcase
Published in Jira Software

Upcoming changes to epic fields in company-managed projects

👋 Hi there Jira Community! A few months ago we shared with you plans around renaming epics in your company-managed projects. As part of these changes, we highlighted upcoming changes to epics on...

1,467 views 11 22
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you