Heads up! On March 5, starting at 4:30 PM Central Time, our community will be undergoing scheduled maintenance for a few hours. During this time, you will find the site temporarily inaccessible. Thanks for your patience. Read more.

×
Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

User admin permissions

Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 7, 2024

Hi

I have an odd question that I MIGHT'VE asked before but still confused ...

What permission do I give someone that needs to simply manage user passwords, user account MFA only? Not org admin permissions or any extra permission other than that and what they have access to through permission schemes on projects/issues.

Please advise?

Thank you

Yatish

3 answers

1 accepted

1 vote
Answer accepted
Adam Jones November 7, 2024

According to the documentation, only the Organization Admins can Manage Passwords and MFA like the two-steps verification. 

What are the different types of admin roles? | Atlassian Support

Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 12, 2024

Thanks @Adam Jones - i dreaded to see this as the responses. 

Is my frustration on this just that org admin is the only permission ... I would have expected and wanted user access admin to allow this but it does not.

Thank you for this comment though.

0 votes
Saif Ayashi
Banned
November 7, 2024

Hi Yatish,

You can grant someone the ability to manage user passwords and multi-factor authentication (MFA) without giving them full organization admin permissions by assigning them the User Administrator role in Atlassian Access.

User Administrators have the following capabilities:

  • Manage Users and Groups: They can add, remove, and edit users and groups.
  • Reset Passwords: They can reset user passwords when necessary.
  • Manage MFA: They can disable two-step verification (MFA) for users who are locked out.

They will not have access to:

  • Organization Settings: They cannot change organization-wide settings.
  • Billing Information: They have no access to billing or subscription details.
  • Security Policies: They cannot modify security policies or SSO configurations.

Here's how to assign the User Administrator role:

  1. Access Organization Administration:

    • Go to admin.atlassian.com.
    • If you have multiple organizations, select the one you want to manage.
  2. Navigate to the Administrators Page:

    • In the left-hand sidebar, click on Administrators.
  3. Add a User Administrator:

    • Click on Add administrators.
    • Enter the email address of the person you want to assign the role to.
    • From the Role dropdown, select User administrators.
    • Click Grant access.

Once assigned, the user will have the necessary permissions to manage user passwords and MFA settings without additional access to sensitive administrative areas.

 

Adam Jones November 7, 2024

Hello Saif,

I'm trying to find the role you are suggesting but I struggle to do so. Is this valid for a Cloud? 

Anyhow. I think the correct role is still the Org Admin as the table of abilities suggest the other roles can't do what Yatish is trying to achieve - Org admin only.png

What are the different types of admin roles? | Atlassian Support

Perhaps it will possible to edit the default admin group to remove some permissions? 

Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 13, 2024

Thanks @Saif Ayashi for that response - I'm with @Adam Jones  on his response.

Is the User Administrators on Jira Server perhaps? I am looking for improved user admin on Jira cloud here.

I hope Atlassian can see this post and provide some feedback.

Thank you

0 votes
Anandhi Arumugam _Cprime_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
November 7, 2024

Hi @Yatish Madhav You could try the user access admin permission against the Product that they need access to.

User access admins can perform these organization operations:

For the product they administer, they can:

  • Make other users product admins.

  • Invite users, change their product access, and alter groups.

Hope this helps!

Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 12, 2024

Thanks @Anandhi Arumugam _Cprime_  - unfortunately ... this does not give the needed access. Please see other comments. 

Thank you though. Much appreciated

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events