Cloud admins now have more control over their User Access Settings

Big news@2x.png                              Building Functionality@2x.png

Update 15/09/2022For clarity and due to changing timelines, we’ve made some edits to this page since it was first published on Oct 17, 2021.

 

What's changing?

We're excited to introduce centralized user access settings for your organization at admin.atlassian.com. It’s now easier for admins who manage multiple cloud products to control who can access their products and how. These changes affect the Site access screen.

In phase one, we introduced these changes to all new customers across all plans – Free, Standard, Premium, and Enterprise. If you created an organization after September 2021, you’ll already have the new designs and configure your user access settings from your organization at admin.atlassian.com.

Later, in phase two, we’ll make these changes available to all existing customers. There’s nothing you need to do, we’ll start rolling out the changes automatically from ~June 2022.

Initially, these changes are only available for Jira Software, Jira Service Management, Jira Work Management, Confluence, Opsgenie, and Statuspage cloud products. Bitbucket and Trello are excluded.

 

Why is Atlassian doing this?

It’s all part of our wider vision to improve and simplify your experience when administering multiple Atlassian cloud products. For instance, you may have seen our earlier announcement that we are centralizing user management.

Our goal with these changes is to give you more:

  • Granular control: You’ll be able to configure settings per product and per domain, giving you greater control over who can access which products, and how they access them.

  • Transparency: When you make changes to different settings, we’ve made it clear and easy for you to understand the impact.

  • Flexibility: If you don’t use certain features, you’ll be able to turn them off (coming soon).

 

The new User Access Settings screen

You’ll find the new User access settings screen from your organization at admin.atlassian.com, under Products. This gives you more granular control to configure users' access per product.

Previously, these settings were under your site. If you had multiple sites in your organization, you needed to navigate to each site to configure your user access settings. Now it’s all managed in one place.

1.png

 

Access requests and approved domains

You will notice that in the new designs, there is no longer a dedicated tab for Access request. Instead, when you add or edit a domain in Approved domains, you can specify whether admin approval is needed for that user to join the product. You can configure this via the checkbox beside each product when adding or editing a domain. This means you can now configure access requests per product, per domain. If admin approval is required, an access request will be generated and we’ll notify all organization admins.

new post.png

User invites

User invites control how existing users can invite other people to your products. You can configure your settings to allow existing users to grant direct access to other people, or require all user invites to be approved by an admin first. You can now configure your user invite settings per product. Then, in phase three, you’ll be able to turn this setting off. Keep an eye on the ID-6682 - Improve Request Access feature Jira ticket for updates.

user invites.png

Invitation links

Previously these were called invite links – and you could only generate links for products within a specific site. Now, you can configure invitation links for any products, in any sites, within your organization.

Invitation Links.png

What do I need to do?

You don't need to do anything! These changes will happen in the background, with no interruption to service.

When will this happen?

Phase 1: New customers who created an organization after 20th September 2021 already have these changes.

Phase 2: Existing customers will start seeing these changes from June 2022 onwards

Phase 3: We’ll be making additional feature improvements, addressing your feedback and suggestions. We’ll share a new Community announcement detailing these changes once they’re about to be rolled out.

 

Tell us what you think

We'd love to get feedback about these changes. Influence the future of Atlassian Cloud by using the Give feedback link in admin.atlassian.com!

11 comments

M Amine
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
January 12, 2022

I would suggest adding some tooltips or guides in the UI pointing to these types of articles as changes are rolling out.

Like # people like this
Fabio Genovese
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 14, 2022

In my opinion, I think a much more comprehensive article explaining how the cloud administration system changes is more appropriate. As a partner, I struggle to explain to my customers how they can manage this section after the introduction of the new UI. 

By my side, I will produce this article in order to explain it to Italian-speaking users.

Like # people like this
Ted
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
August 16, 2022

Oct 17, 2021 

 

It's a bit confusing as I had just got the email notification saying  

 

We have recently announced some improvements to your site access settings experience.

Like # people like this
Jean Gordon August 25, 2022

What this has done is allow ANYONE to request access which is NOT how our company works

I cant even switch off or toggle off which make it a security breach for our company

Another rubbish idea from Atalssian!!

Like # people like this
Deleted user September 14, 2022

I agree with @Fabio Genovese, a more descriptive article is certainly helpful.

Like # people like this
Yatish Madhav
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
December 11, 2022

Thanks for this article and the https://community.atlassian.com/t5/Atlassian-Access-articles/User-management-for-cloud-admins-just-got-easier/ba-p/1576592 one

I got the email with subject line "Improvements to your site access settings" that lead me here. Clicked on the Explore new settings button and it takes me to the org that has this set up

I am still waiting for this and the other articles changes to affect out "main" instance ... I will wait I guess as per the comments on that article

Thank you

Like # people like this
Mariusz Polak December 14, 2022

So... now it's impossible to switch off access requests? Great news for spammers!

And moreover - a Site Admin has no access to SITE access settings anymore? Yeah, sounds legit....

Like # people like this
Kasper Ell December 15, 2022

Will this also include access control that allows for exclusion instead of inclusion?

Eg. all projects are open to all users, but I need to exclude X users from certain projects.

Right now I am using groups to include all users to the boards, but I would prefer the exclusion method.

Like # people like this
Adam Abrahams January 8, 2023

@Kasper Ell I've been using groups as well which is tedious and open to mistakes (as we've expereinced). Would be great to have a feature that allows certain board/projects to be locked and then added via the user invite, rather than creating groups upon groups.

Like # people like this
Jean Gordon January 9, 2023

Please do NOT introduce this for ALL

We changed back due to spammers and security issues but now you are making everyone have this RUBBISH change.

This does NOT fit in with our security across our company and I as admin will have MORE work.

The 2 options are rubbish as means ANYONE trying to breach site can make up invite including BOTs.

If you insist on giving this pants security breach feature to everyone, there needs to be an additional option as the options you have are 

  • Require admin approval - yes more work for us who administer site as well as their own job so NOT suitable
  • Invite anyone - definitely NOT an option

We need to have the functionality as we currently do so that 

  1. New users cannot request access
  2. We can set so that we dont allow or approve any domain
  3. Existing users cannot invite anyone

Your changes will mean we have

  • need to have additional licences in use when we dont just give anyone in our company access
  • admin have more work as have to check requests are valid and where not address the situation

Our process is for new people to request access to ensure we have the correct number of licences and we dont allow anyone without a company email to have access.

I am happy to raise a fault if you decide it is acceptable for everyone to have security risk and additional work

Like # people like this
Christine Nguyen April 3, 2023

Here is my situation and hope someone have some recommendations that I can talk to my Jira organization admin to restrict user to openly invite other users to a site.

We have Jira enterprise that are used by many different divisions, which each division is responsible to manage the site’s user access and user licenses.

Recently, I see external users are being added to my division’s site by a user named “Jira”.  The problem here is security to our division’s data on our projects as well as problems with licensing costs.

As a site’s admin, I can’t see or control site or product access to my site anymore as it has been moved to be controlled by the org admin.  Talked to my org admin, I was informed that the default was set to open for any existing user can invite anyone to be granted access to our division site and product, and they can’t change it because it will impact the entire organization and that my division is the only one who has problem with it.  They say the only way is to tell my division users not to invite people to the site.

Does anyone know or have any recommendations that help me convince my org admin that requiring access approval can be managed and set so that a site admin can restrict random users getting access to the site like this case?

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events