Restricting access to a Jira Work Management project

Alex John May 24, 2023

Hello - I am working on a Jira Work Management cloud project that contains information that we would not like everyone to have access to.  The issue is that we also need people to be able to view tickets that they are needed for within said project.  I am looking for a way to allow the core group of people working on the project to maintain full access, permissions, and visibility of the project while restricting access to anyone else to only see tickets that they are assigned to.

 

My first thought was to create two groups (one for the team and one for everyone else) but we have a lot of people that we would need to give the restrictive role to.  I would then create a new permission scheme that would allow me to do what I described above.  Is this the right direction to go in?  Is what I am describing even possible in only allowing certain people access to view the project?

 

Thanks!

1 answer

1 accepted

1 vote
Answer accepted
Trudy Claspill
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 24, 2023

Hello @Alex John 

Is the project a Company Managed project or a Team Managed project?

If it is a Company Managed project, take a look at Issue Security Schemes.

https://support.atlassian.com/jira-cloud-administration/docs/configure-issue-security-schemes/

You can use that to set a Security Level on each issue making it visible to only the core group or to the core group plus the current assignee.

Alex John May 24, 2023

This is great, I didn't realize this was an option!  It is a company-managed one.  I guess I could just make a role within a new Security Scheme of "Contributor" which would only allow someone outside of the project team to see or interact with tickets that they themselves?

Trudy Claspill
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 24, 2023

I recommend that you go through the Atlassian University self-paced training concerning Issue Security to get a deeper understanding.

https://university.atlassian.com/student/catalog/list?search=issue+security

I also recommend that you set up a test project to work out what you need before trying to apply it to your live project.

You need to figure out how you designate the "core team" vs. the "contributors" that should have limited visibility. These are your options that you can use to specify who can see an issue:

Screen Shot 2023-05-24 at 3.02.46 PM.png

Are your "contributors" and "core team" contained in discreet user groups or project roles?

There are multiple ways you could set up issue security levels depending on how you use groups vs. roles. I can't tell you "do it this way" and guarantee that will work without knowing how your "core team" and "contributors" are being assigned to those groups and/or roles.

Another thing to think about is can a "contributor" create a new issue? Should they be able to see issues they create even if they are not assigned to them?

You'll have to look at how you want to set the security level on each issue; whether it should be able to be set by the users or if you want to set it automatically, and allocate the Set Security Level permission accordingly.

And note that there is no automatic setting of the security level on issues that already exist. If you implement an Issue Security Scheme you will need to set the security level for the existing issues. An issue that has not security level set will be visible to all users who have the Browse Projects permission for that project.

Alex John May 25, 2023

Thanks for the in-depth response, and yes I am definitely working on this in our test environment.  I believe what I am looking to do is to create project roles for this and similar subsequent projects (Contributor/Core Team) as the actual people in them may change in the future.  The contributors don't need to make any tickets as the project team has already determined the exact work that needs to be done, they just need to be able to see and work on the tickets assigned to them.

Great tip about the security on existing issues.  I think I just want binary access where people who are part of the project team have full visibility and access for the project and anyone else has none (unless they are a contributor).   I'm checking out that video you linked today.

Alex John June 28, 2023

I wanted to follow up with how I did this:

  1. Created a `Compliance Team Member` role and added members of the compliance team in
  2. Created a Project Permissions Scheme that will only allow the project to be browsed by the `Project Team` role, admins, and `Current Assignee` (as well as limited what a Current User can do within a ticket)
  3. Set a security scheme up for the project with one level which has clearance for `Project Team` role,  admins, and `Current Assignee`
  4. Set all tickets in the project to that security level

At this point I am able to assign tickets from the project to any Jira user and they will only be able to see tickets within the project that are currently assigned to them.  Compliance Team Members and Admins will be able to browse the entirety of the project without restriction.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events