Hi @Stefan Kobitsch-Meyer and welcome to the Community!
If the permissions across your site have been configured properly, granting access to an external user is exactly the same as to an internal user:
- The user needs product access, as viewing data from a Jira project (even through a Plan) requires a license.
- The user needs browse project permission to the project as well.
Granting this permission is different in company managed and team managed projects, but you grant it in exactly the same way as you would for your internal users.
Coming back to the proper configuration of permissions from my first sentence: making sure that a user does not have access to any other projects than the one you specifically want to allow, obviously may have an impact on any project in your instance.
If you (or your organization) has a practice to grant browse project permissions to any logged in user, then this will expose all these projects to the new, external user as well as soon as he gets his Jira license and logs into your environment. This is something you will need to review across your site.
In practice, that means reviewing all Permission Schemes you have in use for company managed projects and replacing the all logged in users by a user group/project role that only contains your internal users. For team managed projects you would need to verify the permission settings for each project, making sure they are not publicly accessible.
Hope this helps!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.