Heads up! On March 5, starting at 4:30 PM Central Time, our community will be undergoing scheduled maintenance for a few hours. During this time, you will find the site temporarily inaccessible. Thanks for your patience. Read more.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

User admin permissions

Yatish Madhav
Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 7, 2024

Hi

I have an odd question that I MIGHT'VE asked before but still confused ...

What permission do I give someone that needs to simply manage user passwords, user account MFA only? Not org admin permissions or any extra permission other than that and what they have access to through permission schemes on projects/issues.

Please advise?

Thank you

Yatish

Answer
Watch
Like Be the first to like this
572 views

3 answers

1 accepted

1 vote
Answer accepted
Adam Jones
Adam Jones November 7, 2024

According to the documentation, only the Organization Admins can Manage Passwords and MFA like the two-steps verification. 

What are the different types of admin roles? | Atlassian Support

View More Comments
Yatish Madhav
Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 12, 2024

Thanks @Adam Jones - i dreaded to see this as the responses. 

Is my frustration on this just that org admin is the only permission ... I would have expected and wanted user access admin to allow this but it does not.

Thank you for this comment though.

Like
Reply
0 votes
Saif Ayashi
Saif Ayashi
Banned
November 7, 2024

Hi Yatish,

You can grant someone the ability to manage user passwords and multi-factor authentication (MFA) without giving them full organization admin permissions by assigning them the User Administrator role in Atlassian Access.

User Administrators have the following capabilities:

  • Manage Users and Groups: They can add, remove, and edit users and groups.
  • Reset Passwords: They can reset user passwords when necessary.
  • Manage MFA: They can disable two-step verification (MFA) for users who are locked out.

They will not have access to:

  • Organization Settings: They cannot change organization-wide settings.
  • Billing Information: They have no access to billing or subscription details.
  • Security Policies: They cannot modify security policies or SSO configurations.

Here's how to assign the User Administrator role:

  1. Access Organization Administration:

    • Go to admin.atlassian.com.
    • If you have multiple organizations, select the one you want to manage.

  2. Navigate to the Administrators Page:

    • In the left-hand sidebar, click on Administrators.

  3. Add a User Administrator:

    • Click on Add administrators.
    • Enter the email address of the person you want to assign the role to.
    • From the Role dropdown, select User administrators.
    • Click Grant access.

Once assigned, the user will have the necessary permissions to manage user passwords and MFA settings without additional access to sensitive administrative areas.

 

View More Comments
Adam Jones
Adam Jones November 7, 2024

Hello Saif,

I'm trying to find the role you are suggesting but I struggle to do so. Is this valid for a Cloud? 

Anyhow. I think the correct role is still the Org Admin as the table of abilities suggest the other roles can't do what Yatish is trying to achieve - Org admin only.png

What are the different types of admin roles? | Atlassian Support

Perhaps it will possible to edit the default admin group to remove some permissions? 

Like
Yatish Madhav
Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 13, 2024

Thanks @Saif Ayashi for that response - I'm with @Adam Jones  on his response.

Is the User Administrators on Jira Server perhaps? I am looking for improved user admin on Jira cloud here.

I hope Atlassian can see this post and provide some feedback.

Thank you

Like
Reply
0 votes
Anandhi Arumugam _Cprime_
Anandhi Arumugam _Cprime_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
November 7, 2024

Hi @Yatish Madhav You could try the user access admin permission against the Product that they need access to.

User access admins can perform these organization operations:

For the product they administer, they can:

  • Make other users product admins.

  • Invite users, change their product access, and alter groups.

Hope this helps!

View More Comments
Yatish Madhav
Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 12, 2024

Thanks @Anandhi Arumugam _Cprime_  - unfortunately ... this does not give the needed access. Please see other comments. 

Thank you though. Much appreciated

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events