Documentation for JIRA 4.4. Documentation for other versions of JIRA is available too. 
Global permissions are system wide and are granted to groups of users.
See also project permissions, which apply to individual projects.
This table lists the different global permissions and the functions they secure:
Global Permission | Explanation |
|---|---|
JIRA System Administrators | Permission to perform all JIRA administration functions. |
JIRA Administrators | Permission to perform most JIRA administration functions (see list of exclusions below). |
JIRA Users | Permission to log in to JIRA. |
Browse Users | Permission to view a list of all JIRA user names and group names. Used for selecting users/groups in popup screens (such as the 'User Picker'). |
Create Shared Objects | Permission to share a filter or dashboard globally or with groups of users. |
Manage Group Filter Subscriptions | Permission to manage (create and delete) group filter subscriptions. |
Bulk Change | Permission to execute the bulk operations within JIRA: |
does not include JIRA Users permission. A user with JIRA System Administrators will be able to log in to JIRA without the JIRA Users permission, but may not be able to perform all regular user functions (e.g. edit their profile) unless they also belong to a group that has the JIRA Users permission.
About 'JIRA System Administrators' and 'JIRA Administrators'
People who have the JIRA System Administrators permission can perform all of the administration functions in JIRA, while people who have only the JIRA Administrators permission cannot perform functions which could affect the application environment or network. This is useful for organisations which need to delegate some administrative privileges (e.g. creating users, creating projects) to particular people, without granting them complete rights to administer the JIRA system.
By default, the jira-administrators group has both the JIRA Administrators permission and the JIRA System Administrators permission. If you need some people to have only the JIRA Administrators permission (and not the JIRA System Administrators permission), you will need to use two separate groups, e.g.:
- Create a new group (e.g. called
jira-system-administrators). - Add to the
jira-system-administratorsgroup everyone who needs to have the JIRA System Administrators permission. - Grant the JIRA System Administrators permission to the
jira-system-administratorsgroup. - Remove the JIRA System Administrators permission from the
jira-administratorsgroup. - (Optional, but recommended for ease of maintenance) Remove from the
jira-administratorsgroup everyone who is a member of thejira-system-administratorsgroup.
People who have the JIRA Administrators permission (and not the JIRA System Administrators permission) cannot do the following:
- Configure SMTP email (but they can configure POP/IMAP, and fully administer email notification schemes).
- Configure a CVS source code repository (but they can associate a project with a configured repository).
- Configure listeners.
- Configure services (except for POP/IMAP services).
- Change the index path (but they can reindex and optimise the index).
- Run the integrity checker.
- Access logging and profiling information.
- Access the scheduler.
- Export/backup JIRA data to XML.
- Import/restore JIRA data from XML.
- Import XML workflows into JIRA.
- Configure attachments (but they can set the size limits of attachments and enable thumbnails).
- Enable trackbacks.
- Run Jelly scripts.
- Add gadgets to the Gadget Directory.
- Configure user directories (e.g. LDAP).
- Configure Application Links (but they can configure Entity Links).
- View user sessions.
- Access license details.
- Grant/revoke the JIRA System Administrators global permission.
- Edit (or Bulk Edit) groups that have the JIRA System Administrators global permission.
- Edit, change the password of or delete a user who has the JIRA System Administrators global permission.
It is recommended that people who have the JIRA Administrators permission (and not the JIRA System Administrators permission) are not given direct access to the JIRA filesystem or database.
Granting global permissions
- Log in as a user with the JIRA Administrators global permission (or the JIRA System Administrators global permission, if you need to grant the JIRA System Administrators global permission).
- Select 'Administration' > 'Users' > 'Global Permissions' to open the Global Permissions page, which shows a list of JIRA's global permissions and which groups currently have these permissions.
Keyboard shortcut: 'g' + 'g' + start typing 'global permissions'
Screenshot 1: the Global Permissions screen
The Add Permission box is shown below the list. - In the Permission drop-down list, select the global permission you wish to grant.
- In the Groupdrop-down list, either:
- select the group to which you wish to grant the permission; or
if you wish to grant the permission to non logged-in users, select Anyone (not recommended for production systems).
Please Note:The JIRA Users permission (i.e. permission to log in) cannot be granted to Anyone (i.e. to non logged-in users) since this would be contradictory.
- The JIRA Users permission cannot be granted to groups that have the JIRA System Administrators or JIRA Administrators permissions.
- If you have a user limited license (e.g. personal license) and have reached your user limit, you will not be able to grant the JIRA Users permission (i.e. permission to log in) to any further groups without first reducing the number of users with the JIRA Users permission.
Overview
Content Tools
Apps
See our Getting Help page for details.
Raise an issue for our developers.
See answers from the community.
Tweet, blog and update our documentation.
Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.