Managing project permissions
The following table lists different types of project permissions and the functions they secure. Note that project permissions can also be used in workflow conditions.
Project permissions overview
Project permissions | Explanation |
---|---|
Administer projects | Permission to administer a project in Jira. This includes the ability to edit project role membership, project components, project versions, and some project details (Project Name, URL, Project Lead, Project Description). This permission granted together with the Browse Projects permission allows you to see the audit log for a specific project. |
Extended project administration | Gives the project administrator the ability to edit workflows and screens under certain conditions, as well as maintain their own workflows within predefined guardrails. |
Browse projects | Permission to browse projects, use the Issue Navigator, and view individual issues, except for the issues that have been restricted via issue-level security. Many other permissions depend on this permission. For example, the Work On Issues permission only works for users who also have the Browse Projects permission. This permission granted together with the Administer Projects permission allows you to see the audit log for a specific project. |
Manage sprints (only available to Jira Software users) | Permission to perform the following sprint-related actions for all projects on a board. When you have complex board filter queries, you should be careful with configuring the Manage Sprints permission for users. For more information on the impact of complex filters and ways to simplify your filter query, see Using Manage Sprints permission for advanced cases. |
Start/Complete sprints (only available to Jira Software users) | Permission to start sprints and end them when the sprint dates are set. This permission doesn’t allow you to change any sprint properties, such as the name, goal, and dates. You can only change sprint status to Active or Completed. |
Edit sprints (only available to Jira Software users) | Permission to change the sprint name and goal. With this permission, you can’t change sprint dates nor start or end a sprint. |
View development tools (only available to Jira Software users) | Permission to view the Development panel, which provides you with proper information to evaluate the status of an issue's development. |
View (read-only) workflow | Permission to view the project's read-only workflow when viewing an issue. This permission provides the View workflow link in the Status field in the issue view. |
Issue permissions | Explanation |
Assign issues | Permission to assign issues to users. This permissions also allows autocompletion of users in the Assign Issue dropdown. |
Assignable user | Permission allows a user to be assigned issues but doesn't include the ability to assign issues to other users. The latter is provided by the Assign Issues permission. |
Close issues | Permission to close issues based on the workflow conditions. This permission helps developers resolve issues and testers close them. It also requires the Transition Issue and Resolve Issue transitions. |
Create issues | Permission to create issues and sub-tasks (if enabled) in the project. To create attachments, the Create Attachments is also required. Users with this permission don’t need the Browse projects permission to create issues. However, you should still ensure that your users at least have permission to browse projects. Otherwise, even though they will be able to create an issue, they won’t be able to see it. |
Delete issues | Permission to delete issues along with individual comments and attachments in them.
|
Edit issues | Permission to edit issues and convert issues to sub-tasks and vice versa, if sub-tasks are enabled.
|
Link issues | Permission to link issues together when issue linking is enabled. |
Modify reporter | Permission to modify the Reporter of an issue so that it’s created on behalf of another user. This permission should generally only be granted to administrators. |
Move issues | Permission to move issues from one project to another or from one workflow to another workflow within the same project. With this permission, users can only move issues to a project where they have Create Issue permission. |
Resolve issues | Permission to resolve and reopen issues based on the workflow condition, as well as set the Fix for version field for issues. Note that this permission requires the Transition Issues permission. |
Schedule issues | Permission to schedule issues by editing the Due Date field. In older versions of Jira, this permission also controls the permission to view the Due Date field. |
Set issues security | Permission to set the security level for an issue to control who can access the issue. The permission is relevant if issue security has been enabled. |
Transition issues | Permission to change the status of an issue. |
Voters & watchers permissions | Explanation |
Manage watcher list | Permission to manage the watcher list of an issue: view users, add them to or remove them from the list. |
View voters and watchers | Permission to view the voter list and watcher list in issues. |
Comments permissions | Explanation |
Add comments | Permission to add comments to issues but without the ability to edit or delete comments. |
Delete all comments | Permission to delete any comments, regardless of who added them. |
Delete own comments | A user with this permission can delete only their own comments. |
Edit all comments | Permission to edit any comments, regardless of who added them. |
Edit own comments | A user with this permission can edit only their own comments. |
Attachments permissions | Explanation |
Create attachments | Permission to attach files to issues if attachments are enabled. But this permission doesn't include the ability to delete attachments. |
Delete all attachments | Permission to delete any attachments, regardless of who added them. |
Delete own attachments | A user with this permission can delete only their own attachments. |
Time-tracking permissions | Explanation |
Work on issues | Permission to log work on an issue, that is to create a worklog entry, if time tracking is enabled. This permission is required as a prerequisite for applying the other time-tracking permissions. |
Delete all worklogs | Permission to delete any worklog entries, regardless of who added them. This permission works if time tracking is enabled. |
Delete own worklogs | A user with this permission can delete only their own worklog entries. This permission works if time tracking is enabled. |
Edit all worklogs | Permission to edit any worklog entries, regardless of who added them. This permission works if time tracking is enabled. |
Edit own worklogs | A user with this permission can edit only their own worklog entries. This permission works if time tracking is enabled. |
Archiving permissions | Explanation |
Archive issues for a project | Permission to archive issues in a specific project. But this permission doesn't allow you to archive issues in bulk. |
Restore issues for a project | Permission to restore issues in a specific project. |
Browse archive | Permission to view all archived issues. To do it, go to Issues > Archived issues. |
Browse project archive | Permission to view archived issues that belong to a specific project. To find archived issues, go to Issues > Archived issues. |
Permission schemes
Learn about the concept of permission scheme and why you should use it to configure user permission on your Jira instance.
What is a permission scheme?
A permission scheme is a set of assignments between project permission and a user, group, or role. Every project has a permission scheme. One permission scheme can be associated with multiple projects.
Why permission schemes?
In many organizations, multiple projects have the same needs regarding access rights. For example, only a specified project team may be authorized to assign and work on issues.
Permission schemes eliminate the need to set up permissions individually for every project. Once a permission scheme is set up it can be applied to all projects that have the same type of access requirements.
Creating a permission scheme
To create a new permission scheme:
- In the upper-right corner of the screen, select Administration > Issues.
- Under Issue security schemes (the left-side panel), select Permission schemes to open the list of all permission schemes in your Jira and the projects that use each scheme.
- Select Add permission scheme.
- In the Add permission scheme form, enter a name and a short description of the scheme.
- Select Add. You'll return to the Permission schemes page where you'll find the newly added scheme.
Adding users, groups, or roles to a permission scheme
To add a user, group, or role that can have permissions from a permission scheme:
- In the upper-right corner of the screen, select Administration > Issues.
- Under Issue security schemes (the left-side panel), select Permission schemes to open the list of all permission schemes in your Jira and the projects that use each scheme.
- Open a desired scheme by selecting Permissions in the Actions column.
- Select Edit for a permission where you want to add a user, group, or role.
- You’ll see the Grant permission dialog. Select who you want to grant the permission to. Select Grant. The selected users, groups, and roles will be added to the permission.
Project roles are useful for defining specific team members for each project. Selecting project roles rather than users or groups can help you minimize the number of permission schemes in the system.
Deleting users, groups, or roles from a permission scheme
To remove a user, group, or role from a permission scheme:
- In the upper-right corner of the screen, select Administration > Issues.
- Under Issue security schemes (the left-side panel), select Permission schemes to open the list of all permission schemes in your Jira and the projects that use each scheme.
- Open a desired scheme by selecting Permissions in the Actions column.
- Select Remove for a permission where you want to delete a user, group, or role
- Select a user, group, or role you want to remove. Then, select Remove. The deleted users, groups, and roles won’t be able to perform an action provided by the permission.
Associating a permission scheme with a project
To apply a permission scheme for a project:
- In the upper-right corner of the screen, select Administration > Projects.
- Select a desired project. See Defining a project for more information.
- In the Project settings, go to Permissions.
- Select Actions > Use a different scheme.
- On the Associate permission scheme to project page, select a permission scheme you want to associate with the project.
- Select Associate. The scheme will be applied for the project.
Deleting a permission scheme
To delete a permission scheme:
- In the upper-right corner of the screen, select Administration > Issues.
- Under Issue security schemes (the left-side panel), select Permission schemes to open the list of all permission schemes in your Jira and the projects that use each scheme.
- Select Delete in the Actions column. Note that you can delete the Default Permission Scheme.
- On the Delete permission scheme page, select Delete to confirm your action. The scheme will be deleted. All associated projects will be automatically associated with the Default Permission Scheme.
Copying a permission scheme
To copy a permission scheme:
- In the upper-right corner of the screen, select Administration > Issues.
- Select Permission schemes to open the list of all permission schemes in your Jira and the projects that use each scheme.
- Select Copy in the Actions column. The copy will be created with the same permissions as well as with the same users, groups, and roles assigned to them.