security & visability

Jessica Bråne October 7, 2020

Hi,

We are just about to switch from trello to Jira next gen for our product development. We are still a small company and team and should be able to start off with the free plan for now. But got surprised when I just read something similar to "all that has access to the website has access to the project. What does that mean? We need to very sure the content we add in our project is not visible for anyone outside the organisation, or only to the people that has been added to the account. Its ok for us to not be able to differ access for the different projects but I still want to make sure no one that has not been invited can see our boards. Can you please confirm?

 

Thank you,

Jessica

1 answer

0 votes
Callum Carlile _Automation Consultants_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
October 7, 2020

Hi @Jessica Bråne

For Jira next-gen projects, you can't allow anonymous access. If you want to allow anonymous access, you'd need to create a classic project rather than a next-gen project - this article here will give you some more information on this.

You might also want to remove the default 'public' group from the Jira global permission Create next-gen projects.

Hope this helps!

Jessica Bråne October 7, 2020

Thanks for a quick reply! Ah ok great. I'm not looking anonymous access, the opposite :) But based on your answer I guess I can be "safe" then that our project can only be accessed by invited, is that correct? What does "public" group in this case actally mean, all that has the link? Or all that has been added to the account?

The copy in swedish: "Alla som har åtkomst till webbplatsen xxx kan komma åt och administrera det här projektet. Uppgradera din plan för att anpassa projektets behörigheter. Läs mer om planer" 

is quite confusing to me at least. Can be understood as every one that can reach the website can reach and administrate the Jira project. 

Callum Carlile _Automation Consultants_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
October 8, 2020

@Jessica Bråne Yeah that's correct, Next-gen project permissions are simpler than Classic Jira projects and have only 3 levels of access (none of which allow the Public to view a project) so your project content will be safe :)

You will invite users to your Jira instance, where they will be able to create an account/login, and then you can change your project access level (Open, Limited or Private, which you can edit in the project settings) and then based on this, you may need to add users to the project if the access level has been restricted.

I believe the Public permission is anyone who has the link to the project

Suggest an answer

Log in or Sign up to answer