You won't want every user in your team to have the same level of access to Jira Core. For example, you may want to restrict who can administer Jira Core, or prevent users from viewing a project. In this step, you will learn about the different permissions in Jira Core and set permissions for a new project.
Overview of roles, groups, and users
A role is a project-specific set of groups and/or individual users. In our example of the design project in the t-shirt business, all product managers need to be able to assign work (issues) across all projects, while senior designers need to be able to assign work on specific design projects. In Jira Core, you can define a product manager role that includes all product managers. You can then define a set of permissions with the "Assign issue" permission for this role, and apply this set of permissions to all projects. Individual senior designers can be added to the product manager role on each project, as needed.
Overview of global and project permissions
Global permissions cover a small set of functions that affect all projects in Jira Core (for example, permission to administer Jira Core). They can only be assigned to groups:
Project permissions cover a set of more granular functions that affect a single project. For example, permission to create issues in a project can be assigned to groups, users, and project-specific roles.
Now let's put this into practice! You're going to go through the tasks involved to use project permissions to hide a new, secret t-shirt design project from some of your users.
Create a new project role
This project role will only contain users that you want to view a particular project. We will assign permissions to this role in the next step.
- Select the Jira icon (, , , or) > Settings > System
- In the security section, select Project roles
- Add another project role named "Review"
- Leave the Description field blank for now and select Add project role
- Select Manage Default Members
- Select Edit under Default Users and add yourself and Jason to the Review project role (don't add Kate or Emma)
Configure a new permission scheme
The Browse Projects permission controls whether a user can browse a project, i.e. whether they can view the project. Let's assign this permission to your new project role.
- Select the Jira icon (, , , or) > Settings > Issues > Permission schemes
- Copy the "Default Permission Scheme"
- Edit the copied permission scheme and change the name to Confidential Permission Scheme
- Click Update
- Select Permissions for the Confidential Permission Scheme
- Remove browse permission for anyone who can log in:
- Click Remove to the right of "Browse Projects"
- Check "Application access - Any logged in user"
- Click Remove
- Grant browse permission to our "Review" project role
- Click Edit to the right of "Browse Projects"
- Select Project Role and Choose "Review" from the menu
- Click Grant
Associate the scheme with a new project
For the last step, let's associate the permission scheme with your new project.
- Select the Jira icon (, , , or) > Projects > Create project
- Choose the project type "Task tracking"
- Name the project Top Secret Tee and Create
- Choose the Jira icon (, , , or) > Projects, select a project, then click Settings > Permissions
- Select Actions > Use a different scheme
- Set the Scheme to Confidential Permission Scheme and select Associate
The only users that will be able to browse your new project are Jason and yourself. Note that default members are only added to a role for new projects. You can also use this approach to restrict users from creating issues, adding comments, closing issues, and more.
Well done! You created a project permissions scheme and applied it to a project.
You've now completed the tutorial for Jira Core admins. If you haven't already, we suggest you complete the tutorial for project administrators as well, so you have a better understanding of how your team will be using Jira Core. So put on your project administrator hat and let's get started!