Permissions made simple for Jira server

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

The main concepts of Jira permissions revolve around: Users,Groups, Global Permissions,Permission Schemes, and Project Roles.

  • Users are defined by having 'JIRA Users' global permissions. They can login and count towards your JIRA license.

  • Groups are multiple users within your instance that need the same application permissions.

  • Global Permissions are system wide and are granted to groups of users. In JIRA we have the following permissions:

    • JIRA Administrators

    • JIRA Users

    • Browse Users

    • Create Shared Objects

    • Manage Group Filter Subscriptions

    • Bulk Change

  • Permission Schemes is a set of users groups or project roles assignments for the project permissions. A single JIRA project can only have one permission scheme. However, a particular permission scheme can be used by a number of projects.

  • Project Roles are a flexible way to associate users and/or groups with particular projects. Their main difference with JIRA groups is that they are project-specific while groups are global across the JIRA application.

Environment

Jira Data Center

Solution

The graph below illustrates Atlassian suggested best practice when it comes to permissions.

(Auto-migrated image: description temporarily unavailable)

  1. Only Project Roles are assigned to the Permission Scheme. Users and groups are not included in this phase.

  2. Assign Project Roles to the users or groups through the project administration page.

By using the above set up you'll be able to re-use the same permission scheme for different projects and avoid duplication.

Project Roles Main Players

In Jira, we have three default roles namely: Administrators, Developers, and Users.

Administrators

It contains the user/s who administer a given project in your Jira application. They can add new users or groups, and manage components and versions as well.

Developers

It has the user/s who work on issues in a given project. They can be issues assignees and can edit, and log work on those issues.

Users

It contains people who create issues in a given project. They can view and comment on the issues they raised.

Permission Schemes

For associating a permission scheme with a project, you can refer to this: Associating a Permission Scheme with a Project.

Updated on April 8, 2025
Platform
Data Center only
Product
Jira Software Data Center
On this pageSummarySolution

Still need help?

The Atlassian Community is here for you.
Ask the Community