Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,361,489
Community Members
 
Community Events
168
Community Groups

How to implement issue level security per epic to restrict users from other organisation

How to implement issue-level security per epic to restrict users from other organisations that we would be adding to our boards, but would want them to have visibility into epics needed by them only

3 answers

3 accepted

0 votes
Answer accepted

Hi Disha,

You will not be able to create the issue security level directly against an organization. So you will need to be sure that the persons in the organization are in a project role for that project or a group. Then you can set up the issue security level against the project role or the group.

John Funk Community Leader Aug 23, 2022

Yes - you create the security level and connect it to a role. Then whichever Epics you attach the security level to, then only those people in that role can see the Epics. 

Like Disha Raheja likes this
0 votes
Answer accepted

Hi @Disha Raheja

As Jira is highly customizable, a solution is  to add the users from the other organization into a user group, so if you have a group for each organization, you'll be able to add a group to the issue level.

Adding users to the group would need to be done by your Jira administrator. 

A working example:

Capture1111.JPG

Kindly let me know if you have further questions.

David

Indeed you can create roles as well as suggested by @Pramodh M

Please note that the roles will be available for project managers to use them in the entire instance. This can be a downside or could be the solution your are looking for.

But in the end, look at the documentation provided (https://support.atlassian.com/jira-cloud-administration/docs/configure-issue-security-schemes) and grant the group or role that fits your case the most.

Regards.
David

For instance if I create a role say ABC org - would I be able to restrict their access to  particular epics (previously created)  and the stories within them only and not the entire project. If so please let me know how. I saw videos on limiting certain issue type to certain users only but they all showed new issue types being associated.

Hi @Disha Raheja

Yes, In the documentation are specified the steps to create and associate the Issue security level and adding members to a security level.

https://support.atlassian.com/jira-cloud-administration/docs/configure-issue-security-schemes/

In essence, when an Issue (either epic or any issue type), has set an issue security level, in order for a user to see the issue, the user would need to have Browse permission on the project and also be a member on the issue security level in which the issue has been set.

In the issue I shared, the issue security levels are on the left and the possible members on the right.

If an issue is set to the level that was first shown, then only the following users/groups/project roles would be able to see it:

Capture1113.JPG

Kindly review and let me know if you have further questions.

Regards,
David

So if the user/group has browse permission on the project , it is likely that they will have access to all other issues in the project? which is something I don't want.

 

In essence I need these external users to have access to just the epics/stories I need them to have access to. Will that be possible?

If a user has Browse project  permission and there is no Issue Security set on the project, then the user will have access to all issues.

The Browse project permission is the minimum permission required for the user to see the issues, like a basic permission.

If the Issue Security is set on the project, then the user will have access to the issues that don't have any issue security level set (Depending on the configuration).

If the Issue Security is set on the project and all issues in the project have an issue security level set, then the user will see only the issues where the issue has configured access to the level where the user is member, meaning, the user would only see where the issue level is configured for the user to see.

Regards,
David

0 votes
Answer accepted
Pramodh M Community Leader Aug 23, 2022

Hi @Disha Raheja 

Create roles and restrict the roles with specific security level by associating the issue security level scheme with the project

For a detailed guide, visit the documentation

https://support.atlassian.com/jira-cloud-administration/docs/configure-issue-security-schemes

Let me know if you have any query

Thanks,
Pramodh

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Site Admin
TAGS
Community showcase
Published in Jira Software

An update on Jira Software customer feedback – June 2022

Hello Atlassian Community! Feedback from customers like you has helped us shape and improve Jira Software. As Head of Product, Jira Software, I wanted to take this opportunity to share an update on...

5,074 views 18 32
Read article

Atlassian Community Events