Documentation for JIRA 5.2. Documentation for other versions of JIRA is available too. 
Project permissions are created within Permission Schemes, which are then assigned to specific projects.
Project permissions can be granted to:
- Individual users
- Groups
- Project roles
- Issue roles such as 'Reporter', 'Project Lead' and 'Current Assignee'
- 'Anyone' (e.g. to allow anonymous access)
- A (multi-)user picker custom field.
- A (multi-)group picker custom field. This can either be an actual group picker custom field, or a (multi-)select-list whose values are group names.
The following table lists the different types of project permissions and the functions they secure. Note that project permissions can also be used in workflow conditions.
On this page:
Project Permissions | Explanation |
|---|---|
Administer Projects | Permission to administer a project in JIRA. This includes the ability to edit project role membership, project components, project versions and some project details ('Project Name', 'URL', 'Project Lead', 'Project Description'). |
Browse Projects | Permission to browse projects, use the Issue Navigator and view individual issues (except issues that have been restricted via Issue Security). Many other permissions are dependent on this permission, e.g. the 'Work On Issues' permission is only effective for users who also have the 'Browse Projects' permission. |
View Issue Source Tab | Permission to view the related source code commits (e.g. CVS, Subversion, FishEye, etc) for an issue, in a 'Source' tab. Note that for CVS, to view the related source code commits, the project needs to be associated with at least one Repository. |
View (Read-Only) Workflow | Permission to view the project's 'read-only' workflow when viewing an issue. This permission provides the 'View Workflow' link against the 'Status' field of the 'View Issue' page. |
Issue Permissions | Explanation |
Assign Issues | Permission to assign issues to users. (See also Assignable User permission below) |
Assignable User | Permission to be assigned issues. (Note that this does not include the ability to assign issues; see Assign Issue permission above). |
Close Issues | Permission to close issues. (This permission is useful where, for example, developers resolve issues and testers close them). Also see the Resolve Issues permission. |
Create Issues | Permission to create issues in the project. (Note that the Create Attachments permission is required in order to create attachments.) Includes the ability to create sub-tasks (if sub-tasks are enabled). |
Delete Issues | Permission to delete issues. Think carefully about which groups or project roles you assign this permission to; usually it will only be given to administrators. Note that deleting an issue will delete all of its comments and attachments, even if the user does not have the Delete Comments or Delete Attachments permissions. However, the Delete Issues permission does not include the ability to delete individual comments or attachments. |
Edit Issues | Permission to edit issues (excluding the 'Due Date' field — see the Schedule Issues permission). Includes the ability to convert issues to sub-tasks and vice versa (if sub-tasks are enabled). Note that the Delete Issue permission is required in order to delete issues. The Edit Issue permission is usually given to any groups or project roles who have the Create Issue permission (perhaps the only exception to this is if you give everyone the ability to create issues — it may not be appropriate to give everyone the ability to edit too). Note that all edits are recorded in the Issue Change History for audit purposes. |
Link Issues | Permission to link issues together. (Only relevant if Issue Linking is enabled). |
Modify Reporter | Permission to modify the 'Reporter' of an issue. This allows a user to create issues 'on behalf of' someone else. This permission should generally only be granted to administrators. |
Move Issues | Permission to move issues from one project to another, or from one workflow to another workflow within the same project. Note that a user can only move issues to a project for which they have Create Issue permission. |
Resolve Issues | Permission to resolve and reopen issues. This also includes the ability to set the 'Fix For version' field for issues. Also see the Close Issues permission. |
Schedule Issues | Permission to schedule an issue — that is, set and edit the 'Due Date' of an issue. |
Set Issue Security | Permission to set the security level on an issue to control who can access the issue. Only relevant if issue security has been enabled. |
Voters & Watchers Permissions | Explanation |
Manage Watcher List | Permission to manage (i.e. view/add/remove users to/from) the watcher list of an issue. |
View Voters and Watchers | Permission to view the voter list and watcher list of an issue. Also see the Manage Watcher List permission. |
Comments Permissions | Explanation |
Add Comments | Permission to add comments to issues. Note that this does not include the ability to edit or delete comments. |
Delete All Comments | Permission to delete any comments, regardless of who added them. |
Delete Own Comments | Permission to delete comments that were added by the user. |
Edit All Comments | Permission to edit any comments, regardless of who added them. |
Edit Own Comments | Permission to edit comments that were added by the user. |
Attachments Permissions | Explanation |
Create Attachments | Permission to attach files to an issue. (Only relevant if attachments are enabled). Note that this does not include the ability to delete attachments. |
Delete All Attachments | Permission to delete any attachments, regardless of who added them. |
Delete Own Attachments | Permission to delete attachments that were added by the user. |
Time Tracking Permissions | Explanation |
Work On Issues | Permission to log work against an issue, i.e. create a worklog entry. (Only relevant if Time Tracking is enabled). |
Delete All Worklogs | Permission to delete any worklog entries, regardless of who added them. (Only relevant if Time Tracking is enabled). Also see the Work On Issues permission. |
Delete Own Worklogs | Permission to delete worklog entries that were added by the user. (Only relevant if Time Tracking is enabled). Also see the Work On Issues permission. |
Edit All Worklogs | Permission to edit any worklog entries, regardless of who added them. (Only relevant if Time Tracking is enabled). Also see the Work On Issues permission. |
Edit Own Worklogs | Permission to edit worklog entries that were added by the user. (Only relevant if Time Tracking is enabled). Also see the Work On Issues permission. |
Permission Schemes
What is a Permission Scheme?
A permission scheme is a set of user/group/role assignments for the project permissions listed above. Every project has a permission scheme. One permission scheme can be associated with multiple projects.
Why Permission Schemes?
In many organisations, multiple projects have the same needs regarding access rights. (For example, only the specified project team may be authorised to assign and work on issues).
Permission schemes prevent having to set up permissions individually for every project. Once a permission scheme is set up it can be applied to all projects that have the same type of access requirements.
Creating a Permission Scheme
- Log in as a user with the 'JIRA Administrators' global permission.
- Choose Administration at the top right of your screen. Then choose Issues > Permission Schemes to open the 'Permission Schemes' page, which displays a list of all permission schemes in your JIRA system and the projects which use each scheme.
Keyboard shortcut: 'g' + 'g' + start typing 'permission schemes' - Click the 'Add Permission Scheme' link.
Screenshot: The 'Permission Schemes' page
- In the 'Add Permission Scheme' form, enter a name for the scheme, and a short description of the scheme. Click the 'Add' button.
Screenshot: The 'Add Permission Scheme' form
- You will return to the 'Permission Schemes' page which now contains the newly added scheme.
Screenshot: the 'View Permission Schemes' page, showing the newly added scheme
Adding Users, Groups or Roles to a Permission Scheme
- Log in as a user with the 'JIRA Administrators' global permission.
- Choose Administration at the top right of your screen. Then choose Issues > Permission Schemes to open the 'Permission Schemes' page, which displays a list of all permission schemes in your JIRA system and the projects which use each scheme.
Keyboard shortcut: 'g' + 'g' + start typing 'permission schemes' - Locate the permission scheme of interest and click its name (or click the 'Permissions' link in the 'Operations' column) to show a list of permissions.
Screenshot: Project Permissions
- Click the 'Add' link in the 'Operations' column, which displays the 'Add Permission' page.
- After selecting one or more permissions to add and who to add the selected permissions to, click the 'Add' button. The users/groups/roles will now be added to the selected permissions. Note that project roles are useful for defining specific team members for each project. Referencing project roles (rather than users or groups) in your permissions can help you minimise the number of permission schemes in your system.
Screenshot: Add Users To Permissions
- Repeat the last 2 steps until all required users/groups/roles have been added to the permissions.
Deleting Users, Groups or Roles from a Permission Scheme
- Log in as a user with the JIRA Administrators global permission.
- Choose Administration at the top right of your screen. Then choose Issues > Permission Schemes to open the 'Permission Schemes' page, which displays a list of all permission schemes in your JIRA system and the projects which use each scheme.
Keyboard shortcut: g + g + start typing permission schemes - Locate the permission scheme of interest and click its name (or click the Permissions link in the 'Operations' column) to show the list of 'Project Permissions' (above).
- Click the Delete link in the "Users / Groups / Roles" column next to the name of the user, group or project role you wish to delete.
Associating a Permission Scheme with a Project
- Log in as a user with the JIRA Administrators global permission.
- Choose Administration at the top right of your screen. Then choose Projects > Projects to open the 'Projects' page. Keyboard shortcut: g + g + start typing projects
- Select the project of interest to open the Project Summary administration page for that project. See Defining a Project for more information.
- On the lower right, in the Permissions section, click the name of the current scheme (e.g. 'Default Permission Scheme') to display the details of the project's current permission scheme.
- Click the 'Actions' dropdown menu and choose 'Use a different scheme'.
- On the 'Associate Permission Scheme to Project' page, which lists all available permission schemes, select the permission scheme you want to associate with the project.
Screenshot: The 'Associate Permission Scheme to Project' page
- Click the 'Associate' button to associate the project with the permission scheme.
Deleting a Permission Scheme
- Log in as a user with the JIRA Administrators global permission.
- Choose Administration at the top right of your screen. Then choose Issues > Permission Schemes to open the 'Permission Schemes' page, which displays a list of all permission schemes in your JIRA system and the projects which use each scheme.
Keyboard shortcut: g + g + start typing permission schemes - Click the Delete link (in the Operations column) for the scheme that you want to delete.
- A confirmation screen will appear. To delete click Delete otherwise click Cancel.
- The scheme will be deleted and all associated projects will be automatically associated with the Default Permission Scheme. (Note that you cannot delete the Default Permission Scheme.)
See also Minimising the number of Permission Schemes and Notification Schemes.
Copying a Permission Scheme
- Log in as a user with the JIRA Administratorsglobal permission.
- Choose Administration at the top right of your screen. Then choose Issues > Permission Schemes to open the 'Permission Schemes' page, which displays a list of all permission schemes in your JIRA system and the projects which use each scheme.Keyboard shortcut: g + g + start typing permission schemes
- Click the Copy link (in the Operations column) for the scheme that you want to copy.
- A new scheme will be created with the same permissions and the same users/groups/roles assigned to them.
This table lists the different global permissions and the functions they secure: Global Permission Explanation JIRA System Administrators Permission to perform all JIRA administration functions. JIRA Administrators Permission to perform most JIRA administration functions (see list of exclusions below). JIRA Users Permission to log in to JIRA. Browse Users Permission to view a list of all JIRA user names and group names. Used for selecting users/groups in popup screens (such as the 'User Picker'). Enables auto-completion of user names in the 'User Picker' popup screen. Create Shared Objects Permission to share a filter or dashboard globally or with groups of users. Manage Group Filter Subscriptions Permission to manage (create and delete) group filter subscriptions. Bulk Change Permission to execute the bulk operations within JIRA:
This does not include the JIRA Users permission. A user with JIRA System Administrators will be able to log in to JIRA without the JIRA Users permission, but may not be able to perform all regular user functions (e.g. edit their profile) unless they also belong to a group that has the JIRA Users permission.
This does not include the JIRA Users permission. A user with JIRA Administrators will be able to log in to JIRA without the JIRA Users permission, but may not be able to perform all regular user functions (e.g. edit their profile) unless they also belong to a group that has the JIRA Users permission.
The number of users that count towards your JIRA license is the sum of all users (including users in groups) that have this permission. If you want to reduce this count, see How do I reduce my user count in JIRA.
Granting the JIRA Users permission to a group results in all newly created users being automatically added to that group. The exception to this are groups that also have either the JIRA System Administrators or JIRA Administrators permissions, since JIRA prevents groups with these administrative-level global permissions from being granted the JIRA Users permission. Furthermore, it would be unwise to automatically grant these administrative-level global permissions to all new users.
- Bulk Edit *
- Bulk Move *
- Bulk Workflow Transition
- Bulk Delete *
( * subject to project-specific permissions.)
The decision to grant the Bulk Change permission should be considered carefully. This permission grants users the ability to modify a collection of issues at once. For example, in JIRA installations configured to run in Public mode (i.e. anybody can sign up and create issues), a user with the Bulk Change global permission and the Add Comments project permission could comment on all accessible issues. Undoing such modifications may not be possible through the JIRA application interface and may require changes made directly against the database (which is not recommended).
Overview
Content Tools
Apps
See our Getting Help page for details.
Raise an issue for our developers.
See answers from the community.
Tweet, blog and update our documentation.
Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.
2 Comments
Jacques
Apr 11, 2013The logic of this page would make so much more sense if the paragraphs "What is a Permission Scheme?" and "Why Permission Schemes?" were at the top of the page, followed by the different project permissions and then how to create/assign permission schemes.
SusanA
Apr 11, 2013Hello Jacques, I just looked at this page and I have to say that I agree with you. I haven't been here long, but I will look into reorganizing this for the next JIRA release. Thanks for your feedback.