Jira permission profiles

Dear everyone,

I was asked for creating a new Jira project. I created it but as far as I know I have to create and assign a proper permission profile which will limit the access to this profile, because the default permissions profile allows everyone to access anything in the entire organization. Is this right?

Furthermore, the project owner can invite people to access the project - this is why I don't understand how it should be configured properly.

Thnx, S.

1 answer

0 vote

It's a little more complex than that.  You need to look at two things.

First, there is the "permission scheme".  This is a set of rules that says who in your system can do what with a project.  It does not usually refer directly to individuals or groups (it can, but we strongly recommend that you do not do that).  It usually refers to jira-roles and dynamic roles. 

So, if you have a look at the default permission scheme you will find it says things like "Browse: role users", "Log work: role developers" and quite often people will do things with dynamic roles like "Log work: assignee" (which allows the current assignee to log work while it is assigned to them).

The second part of it is to understand the roles.  These are collections of people in the project, either individuals or groups.  You have to look at the project to see this, and yes, this is where a project administrators (often, but not always the "owner") can add and remove users and groups on the project

In the default permission scheme, you have a rule "Browse: role users".  By default when you create a project, JIRA will drop a group like "jira users" into the role of "users".  The jira users group is usually "everyone who can log in", so the default is to let everyone into the project.

I usually recommend at least changing the default add of any groups into roles (under admin -> groups) so that no-one is added automatically.  Then I usually set the permission scheme so that the "project lead" has "project administration" and then let them choose who they want to add to users, developers and other roles.

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Julia Dillon
Posted Tuesday in Jira

Tell us how your team runs on Jira!

Hey Atlassian Community! Today we are launching a bunch of customer stories about the amazing work teams, like Dropbox and Twilio, are doing with Jira. You can check out the stories here. The thi...

147 views 1 17
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you