Project Role (atlassian-addons-project-access) has been added to our project permissions?

Mandi Chiancone
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 22, 2015

A new user role has been added to all of our permissions, but we did not add it. Does anyone know what this user is and if we need it? I assume it was part of the maintenance push from last week, but am not 100% sure. 

3 answers

1 accepted

6 votes
Answer accepted
seb
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 22, 2015

When a Cloud add-on is installed into your instance that requests permission to view project data, a new group is created "atlassian-addons-project-access". We put a user in this group which is only available to the add-on.

This allows you to finely restrict access from specific projects. By default, the add-on is given access to all projects.

Nader Hadji Ghanbari February 10, 2016

The concept is nice (giving fine-grained access to project admins). BTW we have problems with JIRA Service Desk right now, the add-on can not access JIRA Service Desk projects (server to server) as it receives a 404 error (add-on user has the atlassian-addons-project-access role as you mentioned). Any ideas? (so far this problem occurs for us only for Service Desk projects)

Nader Hadji Ghanbari February 11, 2016

Seems like when we create new Service Desk projects, a new permission scheme is created for each and the atlassian-addons-project-access is not part of that scheme.

Like # people like this
Pauline Monroy January 14, 2019

I had installed an add-on and noticed a difference when I couldnt view new service desk projects that I created as site admin itself. Thank you for sharing this clear response @seb. Really helpful!

Like # people like this
Sergei Gridnevskii
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 11, 2021

Not a good idea to give addons all access to your data. Of course atlassian checks cloud addons, but who can be sure that the plugin does not have a time bomb or steals passwords or credit card numbers from issues?

I would prefer that an addon lists required permissions in documentation and that admin can choose which addon has access to this or that data in project. E.g. sprint addon may schedule issues and transit them, but it should not read comments nor description.

0 votes
Robert Massaioli _Atlassian_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 22, 2015

Did you install an Atlassian cloud add-on recently? This looks like a automatically created group from an Atlassian Connect add-on to give it the required permissions that it's scopes requested at install time.

0 votes
Rodrigo Silva
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 22, 2015

Hey Amanda, in case this user is the System Administrator, than this could be related to any troubleshooting / workaround being executed from Atlassian's end. In case not, I believe you may want to open a ticket to Support.

Cheers,

Rodrigo Silva 

Suggest an answer

Log in or Sign up to answer