Jira permission profiles

Dear everyone,

I was asked for creating a new Jira project. I created it but as far as I know I have to create and assign a proper permission profile which will limit the access to this profile, because the default permissions profile allows everyone to access anything in the entire organization. Is this right?

Furthermore, the project owner can invite people to access the project - this is why I don't understand how it should be configured properly.

Thnx, S.

1 answer

0 votes

It's a little more complex than that.  You need to look at two things.

First, there is the "permission scheme".  This is a set of rules that says who in your system can do what with a project.  It does not usually refer directly to individuals or groups (it can, but we strongly recommend that you do not do that).  It usually refers to jira-roles and dynamic roles. 

So, if you have a look at the default permission scheme you will find it says things like "Browse: role users", "Log work: role developers" and quite often people will do things with dynamic roles like "Log work: assignee" (which allows the current assignee to log work while it is assigned to them).

The second part of it is to understand the roles.  These are collections of people in the project, either individuals or groups.  You have to look at the project to see this, and yes, this is where a project administrators (often, but not always the "owner") can add and remove users and groups on the project

In the default permission scheme, you have a rule "Browse: role users".  By default when you create a project, JIRA will drop a group like "jira users" into the role of "users".  The jira users group is usually "everyone who can log in", so the default is to let everyone into the project.

I usually recommend at least changing the default add of any groups into roles (under admin -> groups) so that no-one is added automatically.  Then I usually set the permission scheme so that the "project lead" has "project administration" and then let them choose who they want to add to users, developers and other roles.

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,042 views 13 18
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot