How can I allow project owners to add members to specific groups?

Is there a way in Jira
that I, as and site administrator
can give project owners or members of a specific group
the ability to add existing users to specific existing groups?

This would really make the administraion much easier for me as a site admin.

Regards Johannes

5 answers

1 accepted

1 vote
Accepted answer
Chris Fuller Atlassian Team Jun 20, 2014

You can't, and this seems like a very dangerous idea. Membership in a group is a global concept, so it does not make sense to let a project administrator add users to global groups that could also escalate that user's privileges in another project. It would take a lot of discipline to make certain that each group you allowed this for was only used in a certain project or group of projects with similar access requirements.

It sounds like the existing Project Roles are closer to what you want here, as this allows you to grant project-scoped access to individual users.

If that does not meet your needs, then you might want to watch While there are several other issues related to the concept of a "limited administrator", JRA-3156 is where we are coordinating the plan to address that general category of concerns.

Chris Fuller Atlassian Team Jun 20, 2014

For reference, more information on Project Roles:

Well even thougth LDAP is an option it would likely make the process even slower than it already is do to internal processes. We'll stick with the current setup for now.

0 votes

Not possible without additional development. Memberships can only be managed by Site Admin or outside of JIRA (external directories like AD)

0 votes
Joseph Pitt Community Champion Jun 19, 2014

I suggest you control access with Roles. Project Admins can add/delete users from roles.

Well, this wouldnt work for us, as we use JIRA to control application access to a whole suite of development tools: confluence, bamboo and stash.

So we need to use groups, that are properly nested into categories of developers etc. Otherwise it will be a lot of maintenance for our project managers to have to sync lists of users across the different applications!

What we are looking for is how to empower our PM's to add/remove users from groups.

Chris Fuller Atlassian Team Jun 20, 2014

This suggests that what you really need to do is use LDAP to control group membership in all of these applications and manage them through the LDAP server.

JIRA is not really intended to be an LDAP administration tool. To the extent that it can write to the LDAP directory, this is a global permission because group membership is a global concept. JIRA cannot "know" that you are choosing to follow a particular convention in how you assign the global groups to individual projects.

While this certainly sounds like a good idea, for JIRA to "understand" that this is what you are doing would require explicit support for the concept, and JIRA does not currently have that.

Hi May be you can add users in project roles instead of groups. And use role based permission scheme. Project admins have permission to administer this. Here link to documentation.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Jan 08, 2019 in Jira

How to Jira for designers

I’m a designer on the Jira team. For a long time, I’ve fielded questions from other designers about how they should be using Jira Software with their design team. I’ve also heard feedback from other ...

1,098 views 4 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you