How can I restrict a group to only being able to access one project?

How can I restrict a group to only being able to access one project? I have 5 projects and I want a group (or certain individuals) to only be able to open one of the projects.

3 answers

1 accepted

Hi @Iain Colquhoun, 

To elaborate on Joe's point: I have done this in the past when we've had external vendor I only wanted to see one project.

  1. Remove those people from the 'jira-users' group
  2. Add a new group to the system and add those people to it. 
  3. Then add that new group to your Global Permissions under Browse Projects permission (version 6.x and earlier) or add it to Application Access (version 7.x). (how to do this depends on what version of JIRA you are using)
    1. At this point, the users in the new group can log into JIRA but they cannot see anything as far as issues go. This is because of how the default permission schemes for projects are set up, the default to allow access to the 'jira-users' group. 
  4. Then go to the specific project permission scheme that you want to grant access to and place that group in the Browse Project permission. 
    1. Conversely, you can remove the 'jira-users' group from this permission which will revoke a large part of your user-base from seeing that project. (kind of like a simplified Issue Security Scheme)
  5. Save and Done!

This works well when you have only a few projects or a consistent few people in this group. It can be a little cumbersome when you have a lot. You may want to play around with this in a test environment so you can see how it works. 

Side note: If you do this, when you add new people to the system you will notice that they will automatically be placed in both the 'jira-users' group as well as the new group. This is not a problem if they should be able to access everything but if they should only be in a limited permission group then you will have to edit their groups to remove them from the 'jira-users' group. 

Have a good one. 

Avril 

Joe Pitt Community Champion Aug 02, 2016

It used to be any new users were automatically added to all groups with logon rights. If that is still the case any new users would end up in both groups.

Thanks Avril, that has been helpful.

In short, ensure that this group is only added to the appropriate roles for the project in question.

JIRA has some default roles and permissions associated with those roles via the permission scheme. 

Go to your project settings, select Users and Roles, and then add the group to the appropriate roles. Remove this group from the roles on the other projects.

Does this help?

Chris

0 votes
Joe Pitt Community Champion Aug 02, 2016

Often users get access because the 'jira-user' group, which they need to be in to be able to logon, is given access to projects. In my opinion, that group should never be used in a permission scheme. Eventually someone will have access they shouldn't.

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

2,770 views 11 18
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot