I'm trying to add an external client, say, TEST to confluence / Jira.
I created a user (TEST) but via Site Adminstration > Users > Test > clicked on Application access, it appears that he has access to Jira and Software. But since Confluence-users and Jira-software-users are also groups, the test user has access to all projects and spaces in Confluence.
So, if we have Project A, Project B, Project C & Space a, Space b, Space c, how can I have the test user have access to ONLY to PROJECT B and also to a SPACE B -- PLEASE ADVISE
Do not put them in the confluence-user or jira-software-users groups.
Either define new groups that let them log in and only get access to the projects and spaces you want, or change the permissions so that they do not use those "can log in" groups, and use other groups which you can not put "test" into.
Can you please help?
I’ve tired the following tasks:
But none of these worked – Am I missing something here?
Right now, the external client has app access to confluence-user or jira-software-users groups. I'll take them off these user-groups, then can you please show me a 'how-to' from here? Surely, this is not complicated, I'm just trying to get this external client access to ONLY a specific project / spaces. Please, please help.
@Nic Brough [Adaptavist]- to further clarify, right now, I have two project roles:
ANYBODY - please help,
I removed him from confluence-users and jira-software-users but I have a group that has "Access" from Site Administration > Application Access > View Configuration added this group to JIRA SOFTWARE AND CONFLUENCE to grant access. Need to do it so they can login I guess. But when I add the group to this external user, the Jira Software and Confluence are both checked.
My default permission scheme has 4 projects, do I create a project role or something else?
I'm a little bit lost on what the problem is now.
You say "added this group to JIRA SOFTWARE AND CONFLUENCE to grant access... But when I add the group to this external user, the Jira Software and Confluence are both checked"
Yes, because that's what you've told it - people in the group have access to both. I don't know why this is an issue.
On the project access, keep it simple. What does the permission scheme say for "Browse project"?
Only use confluence-users and jira-software-users to control access to the application, since all users have to have these permissions for licensing, and remove those groups from the default permissions or off of the projects and spaces that they are associated with. Then create additional groups for access to spaces and projects. For example. We have 2000 jira-software-users that can access JIRA. We then have a group for ITS, Marketing, Payroll, etc. That we place on project relevant to them. Often on projects we bring in users external to the company. We can then add them to relevant projects and they only see those projects when they login.
I'm tracking with you but since I'm new to Jira, need some rails for "how-to" here. So, currently the test user (external) has access to the applications (confluence-users and jira-software-users). Obviously I want to have him access only 1 project / space
How do I remove those groups (which groups?) from permissions or projects & spaces? I cannot just remove confluence and jira software users? Is that what you are telling me?
Could you kindly explain a bit more step-by-step, would appreciate it.
Option One Setup:
All default JIRA & Confluence permission are default, no groups have been added to the core JIRA or Confluence permissions.
Project 1 - Add the Internal-User group to the project role user or developer and they can now access this project.
Project 2 - Add the Internal-User group and the External-User group to the project role user or developer and they can now access this project.
If you edit the global permissions and add the jira-user role to the global permissions it will apply to all projects. Since jira-user is a required role to access JIRA you will remove the ability to provide granular project access that you get by adding roles at the project level.
Option Two Setup:
Project 1 - Add the jira-user group to the project role user or developer and they can now access this project or add them to the global permissions.
Project 2 - Add the jira-user group and the External-User group to the project role user or developer and they can now access this project. You will also need to give External-User application access.
This is what I did:
IT still did not give the external user access to a specific project. Rather the external user has access to all projects, which I do not want.
So, application access is basically for logging in (Jira-software users, Jira-admin, confluence-users) all dealt with permissions. Since this external user is part of confluence-users and jira-software-users - he has access to login AND in my case all the projects visible to him.
Can someone please explain GLOBAL permissions and JIRA permissions? How is that different from Permission Schemes?
What am I doing that's wrong? Can someone please assist?
Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs