Using custom permission schemes
Platform Notice: Cloud, Server, and Data Center - This article applies equally to all platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
If you want to customize the permission scheme for your service project, make sure that you grant permissions to users by granting them:
- to the Administrators role for administrators/project administrators
- to the Service Desk Team role for agents
- to the Service Management Collaborators role for collaborators
- to the Service Management Customer - Portal Access security type for customers. For more information about this security type, see Jira Service Management permissions overview.
If you grant permissions to groups or individual users instead of the roles and security type, some functionality in your service project might be disabled.
Mandatory permissions by project roles
If you choose to use custom permission schemes, the permissions in the following table are mandatory for the project roles in the typical service project context. If you configure the permissions for the roles differently than shown in the table and run into problems, you can find the explanation of the problems and how you can fix them on the Resolve permission scheme errors in Jira Service Management page.
Project role | Mandatory permissions |
---|---|
Administrators | This project role must have the Administer Projects project permission in order to set up and administer a service project. This permission allows users to manage service project functionality like creating new request types, setting up new queues, creating SLAs, and generating reports. This project role also must have all the permissions granted to the other users of the service project in order to see all the functionality they'll be using. |
Service Desk Team |
|
Service Management Customers | The permissions for customers must be granted to the Service Management Customer - Portal Access security type instead of the Service Management Customers role. This configuration gives customers access to the Customer Portal only (not Jira). The security type reads the role to determine who are customers.
In addition, if the service project uses an issue security scheme, make sure that it is configured so that service project users can view issues. Otherwise, customers might be able to create issues but not view them after they've been created. See Configuring issue-level security. |
Service Management Collaborators |
|