Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to give access to just one project

Stine Løvik Huse
Stine Løvik Huse December 5, 2012

Hi

I'm sorry, this is probably a VERY easy thing to do, but I am lost in how to give a user access to just one project in our Jira + Confluence OnDemand. I've been reading several of the documentation links, but I'm confused about the difference between groups, roles and permission schemes when it comes to this. Where to I start?

As an example, I need to set up a user (from another company) connected to a specific project. He can do anything within that project, but not see anything concerning other projects, including on his dashboard. I've set up a test-user to see how things work, but I'm not capable to find the answer myself. What documentation link is my recipe?

Grateful for any help.

Stine

Answer
Watch
Like # people like this
53589 views

24 answers

1 accepted

8 votes
Answer accepted
Michael Ormsbee1
Michael Ormsbee March 27, 2015

It really isn't as bad as other people make it out to be.

1. Copy the default permission scheme to another like "Project-Client-Permissions"
2. Create a group, "Project-Client"
3. Add that group only to the perimissions you want them to have. For me, it is Browse Project, Create Issues, Edit Issues, Resolve Issues, Add Comments, Edit Own Comments, Delete Own Comments, Create Attachments, and Delete Own Attachments
4. Apply that Permission scheme to the project
5. Add a user and add them only to the Project-Client group (they should also be in jira-users by default so they can login)

View More Comments
Stine Løvik Huse
Stine Løvik Huse March 30, 2015

Thanks! I'm a bit more comfortable with Permission schemes and such after studying for some time, but I have to agree with other comments/answers to my question: Why on earth does it have to be som complicated? Looking forward to som serious improvement on this..

Like # people like this
Nereida Lark
Nereida Lark April 3, 2015

doesn't jira-users give them access to all projects? I would think that the other permission schemes would need to change to remove jira-users from having access in order for the above to work. What am I missing? I am trying to do the same thing and it doesn't work.

Like Christine_Slotty likes this
Stine Løvik Huse
Stine Løvik Huse April 6, 2015

Are you thinking about 'users'? That group is mentioned in (default) permission schemes, not the group jira_users. jira_users just give access to Jira/login as far as I can see. I just followed the recipe above, and it worked.

Like
Nereida Lark
Nereida Lark April 10, 2015

Hmm. Doesn't seem to work for me. As soon as I give them jira_user they have access to all other projects as well. Did you have to change the other permission schemes? I tested this out myself by creating a bogus user and adding that user to both Jira_user and the new group that i created. Once I did that, the bogus user was able to access all other projects as well.

Like
Stine Løvik Huse
Stine Løvik Huse April 12, 2015

No, I didn't have to change the other schemes. In our schemes only 'Users', 'Administrators' and 'Developers' is used in general. Hope Atlassian or others can help you out!

Like
Darren Broadhea2
Darren Broadhead April 29, 2015

Thank you. Just needed the right direction.

Like
Shoval T1
Shoval T May 14, 2015

@Nereida Lark - I had the same problem and managed to solve it after reading the answer on this page: https://answers.atlassian.com/questions/180111/how-do-i-add-a-user-and-allow-them-access-to-only-one-project In short, you can add (via global permissions) the permission "JIRA Users" to the created group (group "Project-Client" in the above example). Then, you can remove the users from the "jira_user" group, and they'll still be able to login to JIRA, as long as they still belong to the "Project-Client" group.

Like # people like this
Nick Bartlett
Nick Bartlett April 10, 2016

This is the way to do it.  I also had to remove "Application Access" - "Any logged in user" from the "browse projects" permission in order to hide other projects from my one project user.

Like Jingjing Guo likes this
Regan Perry
Regan Perry August 2, 2016


that was it! "Any logged in user". 

Oh my gosh, I've been screwing around with this all day trying to figure this out. 

In the end what worked was to go into the Default Permissions scheme and change Browse Projects, from "Any logged in user" to "jira-software-users" 

Now, using the steps above, I was able to add a user to a group "Client X", Create a Permissions Scheme called "Client X Permissions", set the permissions I wanted. And update the project to use the Client X Permissions scheme. 

I also had to go to System > Applications > Application Access and add the "Client X" group to 'JIRA Software' and tick the checkbox for "can sign in"

Like # people like this
emotion-studio
emotion-studio November 9, 2019

.

Like
gediminassukys
gediminassukys May 15, 2020

short answer - impossible...

Like
Glen M. Baker
Glen M. Baker October 8, 2020

Wow. I wanted to do precisely this (allow an external user access to a single project) today and upgraded to the pay-for-it plan to get this ability.

Then I tried to do it.

Then I pulled out my few remaining hairs.

Then I put in a support ticket with Atlassian to ask them how to do this.

Then I did some google searches.

Then I found this thread.

And I absolutely love this concept:

"It really isn't as bad as other people make it out to be." (followed by a set of complicated and completely non-obvious instructions).

I work for a very small company and we have no IT department nor do we have time to become experts in the tools. All I want is a simple defect tracking system....

Like # people like this
Reply
29 votes
Steve
Steve July 29, 2013

I don't think the permisions setup in JIRA could be any more confusing.

View More Comments
Lisa Rahder1
Lisa Rahder July 29, 2013

lol!

Yeah, I used to think they just didn't know any better but then I got a look at what they charge to train... ha! So, perhaps it is all a Grand Scheme...

Like # people like this
brett hardman
Brett Hardman July 9, 2014

It's absolutely shameful. Somebody in atlassian should be thinking about a complete re-write.

Like # people like this
Yves_Goizet
Yves_Goizet February 10, 2020

And here we are ... 5 Years later and I still agree

Like # people like this
Issa Mangapi
Issa Mangapi March 25, 2020

Maybe will get better soon(in 2025) and boy,  I am looking forward to it 💪🏼

Like gediminassukys likes this
Sudhir Murthy
Sudhir Murthy August 14, 2020

Piece of crap, It has to be two clicks

Like
Reply
13 votes
Gabriel Magana-
Gabriel Magana-Gonzalez May 18, 2014

OMFG, this is so damned confusing. Really, Atlassian, I want the normal security groups, except I want to limit which projects a user sees and can access. Why is this soooo complicated? This is unreal.

What did I expect to find? In the user record, a set of checkboxes in a tab. One is for access to all projects, If you uncheck that, then you choose which projects the user has access to, one per checkbox.

It's incredible how complicated a process you guys turn this into. Been pulling my hair for more than an hour on this now, it looks like I a large chunk of my day will go into this insanely complicated task.

Reply
11 votes
Nikola Svitlica1
Nikola Svitlica October 15, 2014

"This user can access only this project" -> Are you all dumb in Attlasian and you did not figure out that that would be most common user request? Really? Have you bumped your head?

I can not f**** believe how much hassle is required to achieve this ... UNBELIEVABLE!!! 

Reply
9 votes
Nikola Svitlica1
Nikola Svitlica March 29, 2015

"It really isn't as bad as other people make it out to be." -> yes it is. 

If you can describe a use case scenario is as "User can access project", that means that UIX should follow this scenario with "Chose project, choose user, assign" - not to do "just this 27 simple steps". That is bad UIX design by itself. 

View More Comments
Andrew Tweedie
Andrew Tweedie March 29, 2015

Ideally - it would be great if you could simply click a button 'Add User to this Project' somewhere in the project panel. If this button was very obvious then at a minimum it could help to start the process. I could see something like: 1. Create a new project. 2. Click the 'Add User to this Project' button (which is very easy to see) 3. Auto-type User name and select. 4. Assign User Role or accept default. Done.

Like Serhii Kolisnyk likes this
Serhii Kolisnyk
Serhii Kolisnyk March 15, 2019

Indeed, it's 2019 and atlassian still hasn't figured out how to make it friendly. Damn.

Like katharina.lischka@thjnk.de likes this
Jeremy Bickerstaffe
Jeremy Bickerstaffe March 15, 2019

There is a way to make it friendly: set up the permissions schemes so that all the permissions are defined by "project role", i.e. not by individual or group. Then within each project you assign groups or individuals to roles. So we have project roles of "user", "developer", "admin". The trick is that I don't think this is the default setup in JIRA.

Like
Reply
9 votes
David Triebwass
DavidT August 30, 2013

Very confusing. Really should be easier to do this. Still trying to setup an Account Manager role for a specific project. This person should only have access to Project XYZ and should only be able to do limited create issue, add comments, add attachment, etc.

1. Created Account Manager role.

2. Project Permissions. You can't assign more than one permission scheme to a project. So I copied default permission scheme and added the (extra) specific permissions I wanted for project role: Account manager.

3. Associated this new permission scheme to Project XYZ.

4. Created test user and assigned test user to role Account Manager.

5. WTF! A user has to be assigned to a group. Groups have global permissions. So I removed account manager from users and cannot login. Created account-manager group and assigned user to account-manager group. It can login but gets blank dashboard with login link.

Hey Atlassian, could you make this any more difficult?

View More Comments
David Triebwass
DavidT August 30, 2013

Ok, found the answer here:

https://answers.atlassian.com/questions/180111/how-do-i-add-a-user-and-allow-them-access-to-only-one-project

You need to set/give/mummify this new group (account-managers) the Jira Users something or other so it can login. then everything works. It sort of makes sense but I took a lot of hallucinogens in college ;-[

Like Didier Moutou likes this
Stine Løvik Huse
Stine Løvik Huse March 30, 2015

Thanks!

Like
Reply
7 votes
Nikola Svitlica1
Nikola Svitlica October 15, 2014

I am now into phase to kill someone...

Reply
5 votes
Naren3
Naren
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 5, 2012

You need to create a Permission Scheme and assign the Project Permissions for that particular project. Just create a project role for such users, whom you want to restrict to a single project and assign them browse project permission for that project itself.

View More Comments
Andrei [errno]
Andrei [errno]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 23, 2013

you'd also have to add them to "Users" in "Global Permissions" so they can login, right?

Like
Marius George3
Marius George October 23, 2014

Permission Scheme + assign scheme to project in NOT ENOUGH. The user still won't have access. I'm stuck on this too.

Like
Stine Løvik Huse
Stine Løvik Huse March 31, 2015

I only use group, not role.. And from what I can see, it works without creating a project role as well.

Like
Reply
4 votes
Maxime Pitot
Maxime Pitot July 13, 2014

I was thinking of adopting JIRA, but for the reasons above I'll stick to my current solution...

Reply
3 votes
Brian Rock
Brian Rock November 13, 2015

I couldn't agree more, this is the most confusing user system I have ever used.  Serious guys! Fix this or provide better training.  All I want to do is say User A has access to only Projects X, Y and not Z.  This shouldn't be that hard! 

View More Comments
Sumit Kumar12
Sumit Kumar November 13, 2015

i was just as furious. I needed weeks to dig into the system. Now I'm fairly confident with it and can get anything done in multiple ways. It is really powerful. I agree though: the onboarding system is ridiculous. Nobody ever gets this when first using it.

Like
Reply
2 votes
Yogen Sanghani
Yogen Sanghani December 14, 2014

I've been banging my head on the wall over this issue for the past few days. I have multiple projects, and multiple external teams working on different projects. I want to limit access and visibility of specific teams to specific projects and confluence spaces. The security/permissions scheme design on Atlassian platform is not only non-intuitive, and extremely laborious, it is plain stupid. 

@Logostech Atlassian Support Is there any way of achieving project level access control without going through such a laborious process for each project? How about a tabular representation of the permission scheme where I can edit all cells without having to click through Add for each and every permission item?

Reply
2 votes
C_ Faysal
C_ Faysal
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 5, 2012

hi

you could start by readin this

https://confluence.atlassian.com/display/JIRA/Managing+Project+Permissions

i prefer setting up Permission Schemes that are based on Project Roles so the Project Admin can easily choose which users should have access to browse the project and wich users should be able to assign and be assigned

besides you may create a sketch for your self and plan any kinds of permissions

View More Comments
Sumit Kumar12
Sumit Kumar August 13, 2015

you're saying this as if this would be some kind of normal, useful workflow.

Like
Jeremy Bickerstaffe
Jeremy Bickerstaffe December 9, 2016

This is by far the best way of doing it: then the project manager for each project can separately choose who does and doesn't have access to that project.

Like
Reply
2 votes
PauloP
PauloP
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 5, 2012

Hi Stine

This is related to Browse Projects in the Permissions Scheme settings. So, I believe that you'll be able to do it using a single Permission Scheme settings and an user group for the related project.

In other words, as an example, you'll have to:

1. Add this user to a single group

2. Change the related project role using the new group

3. In a new permission scheme, just change the Browse Projects value with the related group

4. Enable this new permission scheme in the related project.

After that, only the users members of the related group will be able to access that project. So, to avoid the access to other projects, perhaps you should review all the procedures and try to apply this kind of approach to other projects.

Also, this is the documentation related to this:

https://confluence.atlassian.com/display/JIRA/Managing+Project+Permissions

In case of further assistance, try to raise a new support ticket,

Cheers,

Paulo Renato

View More Comments
Andrew Tweedie
Andrew Tweedie March 29, 2015

Seriously? Can this be made simpler - i.e. 'Add User to this Project' button - I see a lot of confused people in the forum - me being one of them.

Like
Brian L
Brian L October 14, 2015

I agree. This is ridiculously more difficult than it needs to be.

Like
Reply
1 vote
Viet Nguyen
Viet Nguyen April 21, 2020

Hi, I found the solution for this (very easy one): In the Permission Scheme (FYI, I just have one Permission Scheme for all projects - both internal and external with customer). In this Permission Scheme, you assign the permission by Project Role not group or anything else. 

Then, inside the project, you assign your clients to a Project role.

Then, they can only see the projects they have the role.

Hope it help :)

View More Comments
Sandro
Sandro June 1, 2020

@Viet Nguyen Could you explain your solution more in detail, please?
Maybe, could you give us an overview of your workflow and settings?

I'm new with JIRA and do not have an idea how to set up your solution.

Thank you!

Like
Reply
1 vote
Saarthak Vats
Saarthak Vats May 22, 2018

This is how I achieved it :

  • Create a new project role - "Client". To achieve this, do :
    • Go to JIRA Settings and Choose Project Role
  • Add client people and assign them "Client" role. To achieve this, do :
    • Go to Project Settings -> People section
  • Change permission scheme of the project from old to new one. To achieve this, do :
    • Go to JIRA settings, copy default permission scheme of your project and create a duplicate one
    • In the new permissions scheme, remove permissions from "Any logged in user". Instead assign to "Client" project role wherever necessary.
  • Done!
Reply
0 votes
gediminassukys
gediminassukys June 1, 2020

.

Reply
0 votes
Daníel Ingvarsson
Daníel Ingvarsson July 26, 2019

This is bhaaad

Reply
0 votes
rwallaceconsulting
rwallaceconsulting March 5, 2019

So I created a project that i don't even have access to. WTH? I have literally spent hours trying to create 2 projects and verify that 1 other user cannot create more projects or have access to everything else. 

 

Maybe a video to show the 14 step process would be good. this is for the birds, finding another product. If you cannot set up a user in 2 hours intuitively, i hate to think what the rest of the product is like

View More Comments
rwallaceconsulting
rwallaceconsulting March 5, 2019

sweet. within 20 minutes, already create a project and correct user permissions in fogbugz. for those of you interested in jira, consider a simpler alternative.

 

no, i don't work for fogbugz. i am s/w consultant, who doesn't want to spend hours to create a user + permission. got better things to do.

Like Stuart Davies likes this
Reply
0 votes
Pronto Software
Pronto Software June 6, 2018

The explanation and diagram on this linked doco page is clear. I like the Jira security layers, they're not difficult to work with and make perfect sense, try mapping your use case to the diagram on this page.

Atlassian Doco->configuring-permissions-947188734

 

Cheers,

Pete Q

Reply
0 votes
Ivan Peevski
Ivan Peevski July 19, 2015

I don't know if this has changed with versions, but it seems to be quite easy to do this now...

How about these steps:

  1. Go to Project Administration -> Roles
  2. Edit the Users project roles and remove jira-users
  3. Add the individual users or groups you want to have access to the project.

I don't think you need to mess with permission schemes at all.

 

Reply
0 votes
Nikola Svitlica1
Nikola Svitlica October 23, 2014

At the and, I have managed to achieve mentioned. 

However - if I have to do all those steps: http://blogs.2i-it.com/how-to-configure-confluence-and-jira-to-grant-a-group-of-users-access-to-specific-spaces-and-projects/ in order to achieve simple: this users/groups can access/see this project than really, someone is really stupid here, either me which requires for most common operation to be executed in as less clicks as possible, or people behind this functionality which in 6 versions of this product could not figure out the common need of the users and force them to spend an f**** hour to achieve the same.

Reply
0 votes
Marius George3
Marius George October 23, 2014

I have recorded a series of steps here to give a particular Group access only to selected Spaces in Confluence and selected Projects in JIRA. Hope this helps.

 

View More Comments
Emanuel Kumar
Emanuel Kumar January 21, 2020

LInk wouldn't load :-(

Like
Reply
0 votes
Nikola Svitlica1
Nikola Svitlica October 15, 2014

What is the permission that user/group should have in order to be able to login?

Reply
0 votes
Lisa Rahder1
Lisa Rahder June 13, 2013

Is it MANDATORY to have this user assigned to a project role, is it enough if this user is assigned to the project, the project filter and the project board?

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events