Documentation for JIRA 4.1. Documentation for other versions of JIRA is available too.

Skip to end of metadata
Go to start of metadata

Global permissions are system wide.

Icon

See also project permissions, which apply to individual projects.

Global permissions are granted to groups of users.

This table lists the different global permissions and the functions they secure:

Global Permission

Explanation

JIRA System Administrators

Permission to perform all JIRA administration functions.
(warning) does not include JIRA Users permission. A user with JIRA System Administrators will be able to log in to JIRA without the JIRA Users permission, but may not be able to perform all regular user functions, e.g. edit their profile.

JIRA Administrators

Permission to perform most JIRA administration functions (see list of exclusions below).
(warning) does not include JIRA Users permission. A user with JIRA Administrators will be able to log in to JIRA without the JIRA Users permission, but may not be able to perform all regular user functions, e.g. edit their profile.

JIRA Users

Permission to log in to JIRA.
(info) Granting the JIRA Users permission to a group also means that all newly created users will be automatically added to that group.

Browse Users

Permission to view a list of all JIRA user names and group names. Used for selecting users/groups in popup screens (such as the 'User Picker').

Create Shared Object

Permission to share a filter or dashboard globally or with groups of users.

Manage Group Filter Subscriptions

Permission to manage (create and delete) group filter subscriptions.

Bulk Change

Permission to execute the bulk operations within JIRA:
- Bulk Edit *
- Bulk Move *
- Bulk Workflow Transition
- Bulk Delete *
( * subject to project-specific permissions.)

(warning) The decision to grant the Bulk Change permission should be considered carefully. This permission grants users the ability to modify a collection of issues at once. For example, in JIRA installations configured to run in Public mode (i.e. anybody can sign up and create issues), a user with the Bulk Change global permission and the Add Comments project permission could comment on all accessible issues. Undoing such modifications may not be possible through the JIRA application interface and may require changes made directly against the database (which is not recommended).

About 'JIRA System Administrators' and 'JIRA Administrators'

People who have the JIRA System Administrators permission can perform all of the administration functions in JIRA, while people who have only the JIRA Administrators permission cannot perform functions which could affect the application environment or network. This is useful for organisations which need to delegate some administrative privileges (e.g. creating users, creating projects) to particular people, without granting them complete rights to administer the JIRA system.

By default, the jira-administrators group has both the JIRA Administrators permission and the JIRA System Administrators permission. If you need some people to have only the JIRA Administrators permission (and not the JIRA System Administrators permission), you will need to use two separate groups, e.g.:

  1. Create a new group (e.g. called jira-system-administrators).
  2. Add to the jira-system-administrators group everyone who needs to have the JIRA System Administrators permission.
  3. Grant the JIRA System Administrators permission to the jira-system-administrators group.
  4. Remove the JIRA System Administrators permission from the jira-administrators group.
  5. (Optional, but recommended for ease of maintenance) Remove from the jira-administrators group everyone who is a member of the jira-system-administrators group.

People who have the JIRA Administrators permission (and not the JIRA System Administrators permission) cannot do the following:

It is recommended that people who have the JIRA Administrators permission (and not the JIRA System Administrators permission) are not given direct access to the JIRA filesystem or database.

Granting global permissions

  1. Log in as a user with the JIRA Administrators global permission (or the JIRA System Administrators global permission, if you need to grant the JIRA System Administrators global permission).
  2. Bring up the administration page by clicking either the 'Administration' link on the top bar or the title of the Administration box on the dashboard.
  3. In the panel on the left, under the title Global Settings, click the link labelled 'Global Permissions'. The Global Permissions page will be displayed, showing a list of the global permissions and which groups currently have them:

    The Add Permission box is shown below the list.
  4. In the Permission drop-down list, select the global permission you wish to grant.
  5. In the Group drop-down list, either:
    • select the group to which you wish to grant the permission; or
    • if you wish to grant the permission to non logged-in users, select Anyone (not recommended for production systems). Note that the JIRA Users permission (i.e. permission to log in) cannot be granted to Anyone (i.e. to non logged-in users) since this would be contradictory.
      Icon

      If you have a user limited license (e.g. personal license) and have reached your user limit, you will not be able to grant login permissions (i.e. jira-users permission) to any further groups without first reducing the number of users with login permissions.