Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira Product is allowing any users to Administer Jira

Chad Fedie
Chad Fedie February 14, 2025

Hi,

Whenever I create a new user via non sso or sso, I ONLY grant them JSM Customer product access so that they can view on portal. Sometimes I grant Jira Software but whenever I do that, it allos that user to Administer Jira and view, create, edit all exisiting projects. When I look under global access settings, I don't see a group that matches for that user that would be allowing for this to happen. There is a trusted users groups that shows but when I click view users it doesn't even list that in the groups page. The user is in two groups but those are what assign his product access but once they login, they can see every single project in my site. Please see screenshots. Screenshot 2025-02-14 at 9.27.04 AM.pngScreenshot 2025-02-14 at 9.28.31 AM.png

Answer
Watch
Like John Funk likes this
71 views

1 answer

0 votes
Gerusa Lobo (e-Core)
Gerusa Lobo (e-Core)
Atlassian Partner
February 14, 2025

Hi @Chad Fedie 

About users can view all projects and edit issues, it could be about a permissions in Project Permission Schemes of the projects.

  • Maybe many projects permissions have any logged users permissions to view or edit issues. 
  • And Team Projects could be a "open" permission, allow all people to access them.

If they have access to manage project schemes, they have Jira Administrator Permission.

Best Regards.

View More Comments
Chad Fedie
Chad Fedie February 14, 2025

The thing is, the user isn't even in/added to any projects.

Like John Funk likes this
Gerusa Lobo (e-Core)
Gerusa Lobo (e-Core)
Atlassian Partner
February 14, 2025

Hi @Chad Fedie 

The project permission scheme able users access a projects.

Look at In Project Permission Scheme which groups have permission to:

  • Browse Projects
  • Edit Issues
  • Create issues

Like these:

Captura de Tela 2025-02-14 às 13.08.18.png

The recommendation is use a role for these kind permissions, but it is possible use a groups or even "logged users".

Best Regards.

Like John Funk likes this
Chad Fedie
Chad Fedie February 14, 2025

Atlassian still boggles me. So although Jira has Global Settings, these project permission schemes which are enforced to whatever projects they're assigned to, can also changed global settings? I do see theres an Administer Jira and Browse Projects in there. For a majority of our projects (61), the browse projects is set to any logged in user. you're suggesting I turn that off and recheck?

Like John Funk likes this
Gerusa Lobo (e-Core)
Gerusa Lobo (e-Core)
Atlassian Partner
February 14, 2025

Hi @Chad Fedie 

The Administer Jira Global Permission is about permission to Administer Jira System, to change system configuration and all kind of schemes, as workflows, screens, permissions, notifications,...

The project permission is configured in a permission scheme related of the project and give access to users for the projects.

If your problem is about users accessing any project creating and editing issues, yes, I suggest you create a new permission scheme to company projects that you want to be restrict, configuring a project role to permission at least for browse, create, and edit issues...

For teams managed project, you could configure them as Private or Limited.

For more information:

https://support.atlassian.com/jira-cloud-administration/docs/permissions-for-company-managed-projects/

Best Regards.

 

 

Like # people like this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events