Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

How to configure single user permissions to "add comments" only for auto-bot comments purposes?

Edited
Wojciech Liwanowski
Wojciech Liwanowski Sep 28, 2023

I've created user and added them to a new group. I would like this group (and user) to have Browse projects and Add comments permissions only (I would like to add automatic comments from other soft via a bot). 

However when I set Jira access for this user, it automatically inherits all jira-software-users permissions hence has access to everything.

Answer
Watch
Like Be the first to like this
79 views

2 answers

1 accepted

0 votes
Answer accepted
Trudy Claspill
Trudy Claspill
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
Sep 28, 2023

Hello @Wojciech Liwanowski 

If you are not a Site Admin or Org Admin for your site you'll need to get one of them to help you debug this.

To have product access to Jira the user must be added to a group that has been granted Product Access to the product through the admin.atlassian.com site. 

When a new user is granted access, depending on the method used they may be automatically added to the Default User Group specified to grant product access. That group may be the jira-software-users group. That group may be used in Jira permissions schemes. If the user was automatically added to that group then that would explain how they have acquired that groups permissions.

If you don't want the user to have those permissions, then you need to remove them from that user group.

If that is the only group in Product Access through which the user obtained their Jira product access, then you will have to add them to another group that is or can be used to grant the Product Access. If you are trying to limit their access, then you may need to use a new group, or a group that otherwise isn't used in the Permission Schemes to grant access to other projects.

View More Comments
Wojciech Liwanowski
Wojciech Liwanowski Sep 29, 2023

I am site and org admin, I'm not familiar with jira admin quirks yet :)

I've added group and give it access to Jira.

I've added user to this group and set his permissions to browse projects and add comments only.

According to your answer, I'm grateful for btw, this should do the trick.

Thank you.

Like
Wojciech Liwanowski
Wojciech Liwanowski Oct 02, 2023 • edited

Unfortunately this solution doesn't work. Despite user having selected only those two permissions, they can do everything else as well.

What's more, whenever I test whether this user may or may not do anything, they are automatically added to Confluence access.

Like
Trudy Claspill
Trudy Claspill
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
Oct 02, 2023

What are the permission allocations for "everything else" in the Jira project? Have you confirmed that the users does not belong to a group or role allocated those other permissions, and those other permissions are not set to Public, or Any Logged In User?

Are you working with a Team Managed project or a Company Managed project?

 

If the user is being granted access to other products automatically you should look at the User Access Settings under the Products menu in admin.atlassian.com. In that location you can configure users from domains to be granted access automatically, only with admin approval, or not at all per product.

Like
Reply
0 votes
Wojciech Liwanowski
Wojciech Liwanowski Oct 04, 2023

The overall scheme permission that was. I've removed Any Logged User and changed it to jira users group instead.

Thank you :)

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

See all events