Hi @Anjali Patel ,
Welcome to the community!
- Create a group for read-only users and add read-only users to the group.
- In the User Administration at Product access configuration, enable access for the new group (required in order for the account to login)
- Go to User Administration > Product access
- Click Add group for the target product (like JIRA Software or JIRA Core)
- Choose the newly created group from the list
- Add group
- Remove the read-only users from other 'internal' groups such as the default 'jira-users' group.
- Create a Project Role named Read Only and add the group to it.
- Add the Role to the project Permission Scheme. Each permission is mutually exclusive with the main permissions being as follows:
- Browse Project << For read-only use only this
- Create Issue
- Edit Issue
You may certainly grant additional permissions beyond what is recommended here. A good approach is to restrict the roles as much as possible and add permissions as needed. It is much safer to add permissions on an as-needed basis as opposed to possibly exposing too much data.
By using Project Roles you'll be able to reuse the Permission Scheme between different projects that have different read-only users.
Test the scenario and make adjustments accordingly.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.