You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
We are opening up Jira access to external users (not part of our Organization AD) . So we have created a group for these users (let's call it ext-grp ) and they are able to access Jira and the required projects meant for external users. However, for security reason we must put in place a restriction so that Project Admins of other internal projects can't add these external users accidentally. All internal users are part of an internal group (let's call it int-grp)
All internal projects use a scheme where browse access is provided to Project roles. So if the admins add external users with these roles, they can access these internal projects. If instead of project roles, we use internal group int-grp , then everyone in the organization will have access to all internal projects. And we have 100s of internal projects, we can't create dedicated group for each project.
Considering this, what should be a better strategy here ?
Thank you @Graham Twine for the response!
It will be heck of a task to make such changes at this stage and for all the projects. At least can we write a custom script to alert when an external user is added to a project?