Restricted functions in JIRA Cloud applications

Generally speaking, all functions performed by the JIRA System administrator in JIRA server applications are restricted in JIRA Cloud applications. The following table lists all of the functions that are restricted in JIRA Cloud applications, even to users with administrator permissions. The table below also lists whether the function can be configured by Atlassian Technical Support on request. If not, then it is unavailable for your configuration in JIRA Cloud applications.

Restricted function

Configurable on request?


General Configuration

  • External user management
  • JIRA as a user server


A limited number of specific General Configuration and Advanced Settings options are available in JIRA Cloud applications. External user management is not available.

System Administrator Permissions


The JIRA 'System Administrator' global permission is not available in JIRA Cloud applications. The 'JIRA administrators' permission is still available. You can see a list of differences between the two administration types here.

Configuring an outgoing (SMTP) Mail server


Atlassian Cloud comes with an internal SMTP server configured to send notifications.
The prefix is not configurable.

Incoming Mail Servers

  • Configuring File system messages


POP/IMAP Mail Servers are configurable in JIRA Cloud applications but File system messages are not. Note that you can create issues via email using those POP/IMAP servers.
Changing project key pattern No  

Configuring listeners


Please see  AOD-6015 - Getting issue details... STATUS for the status of this functionality request.

Configuring services



Customizing source files



Customizing email content


The procedure for customizing email content sent in notification messages requires editing Velocity files within the JIRA web app. This makes it a special case of "customizing source files". See AOD-1791 - Getting issue details... STATUS and JRA-7266 - Getting issue details... STATUS for suggestions to allow customization of email contents through the web UI.

Changing the index path



Running the integrity checker



Configuring logging and profiling information


In Labs we have an Audit feature available. The feature can be enabled at the following location:


Accessing the scheduler



Importing data


Please read Import and export data for information on supported imports for JIRA Cloud. Imports from certain non-Atlassian products (e.g. Bugzilla FogBugz for Your Server) or single project imports can be performed using a local evaluation copy of JIRA to create a compatible backup that can be imported into JIRA Cloud.

Importing XML workflows into JIRA


It is possible to Import Workflow from Marketplace only.

Importing JIRA projects No

Restoring a project from backup does not apply to JIRA Cloud.

Please see JRA-31806 - Getting issue details... STATUS for the related feature request status, and Project Import From JIRA Server to JIRA Cloud for workaround.



Please see Add-ons and plugins for the list of supported add-ons.

Disabling attachments, or setting the attachment path


Attachments enabled by default

Running Jelly scripts


Please see CLOUD-1439 - Getting issue details... STATUS for the related feature request status.

Configuring LDAP integration



Configuring trusted applications



Configuring application links Yes  
Connecting local Bamboo installations Yes  

Accessing license details



Modifying SysAdmin users & attributes



Deactivating users No It is not possible to 'deactivate' a user in JIRA Cloud applications. See Manage application access for information on how restrict a user's access to one or more applications in Atlassian Cloud.
Renaming users Yes

It is possible to rename a JIRA application and/or Confluence user in Cloud User Management.
It is not possible to rename Bamboo users.

Remote API (REST)


For more information, see JIRA REST APIs.

Installing intermediate SSL certificates No

It is not possible to install intermediate certificates in JIRA Cloud applications. The potential impact might be that you will run into problems when adding secure POP/IMAP mail servers that have certificates signed by non-root CAs.

The workaround is to obtain a certificate signed by a trusted root Certification Authority (CA). The full list is here.

HTML and JavaScript in issue fields No This feature creates an XSS vulnerability that could allow malicious users to gain system administrator permissions and use the Cloud infrastructure for nefarious purposes. Wiki markup is still available.
Text Gadget No This gadget creates an XSS vulnerability as it can contain arbitrary HTML. Please see JRA-29848 - Getting issue details... STATUS .
Uploading custom icons for issue type and priority No This is tracked at  JRA-21246 - Getting issue details... STATUS .
Default session timeout No This is tracked at JRA-34258 - Getting issue details... STATUS .
External gadgets No  
Change number of workflow transition buttons Yes Create a support request with the number of transition buttons you want, and a 15-minute maintenance window (with 24 hours of notice) and Atlassian Support will configure it for you. (We'll be working from Advanced workflow configuration).
Configuring OAuth authentication No

You need the 'JIRA System Administrators' global permission to do that.

3 Legged OAuth is automatically configured for Application Links.
2 Legged OAuth with impersonation is not available.
2 Legged OAuth without impersonation is available and required for the Development Panel. Use this type to connect to Bitbucket Server and Bamboo Server.

Configuring Secure Administrator Sessions No  
Last modified on Sep 4, 2017

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.