Need help with project-specific user permissions
I’m working with JIRA 4.4 and trying to set up access for some new team members who are just starting out. I want to give them hands-on experience but keep their access limited.
Here’s what I’m trying to accomplish:
- Make it so these users can only see one specific project (no other projects should appear in their menus or dashboard)
- Give them developer-level permissions but only for that one project
- Keep the setup simple so I can easily remove these accounts later when they move on
I tried adding one of these users through the People section of the project. I put them in both the Developers and Users groups for that project, but they get a “You do not have permission to log in” error.
When I add them to the jira-users group, they can log in fine but then they see every project in the system.
What’s the cleanest way to handle this without creating complicated global permissions or groups that might cause problems later?
The permission error occurs because JIRA 4.4 requires users to have the global JIRA Users permission before project-specific permissions take effect. To resolve this issue, create a custom permission scheme specifically for your project. Navigate to Administration > Issues > Permission Schemes and set up a new scheme. Assign permissions exclusively to the relevant groups or users for this project and link that scheme in your project’s settings. While users need to be part of the jira-users group, controlling project visibility can be achieved through your custom scheme. Additionally, ensure that ‘Browse Projects’ permission is removed from any global groups associated with these users to maintain access restrictions solely to the designated project, simplifying future user management.
Indeed, you’ve hit on a common challenge with JIRA 4.4 regarding user permissions. I faced a similar situation and found a solution that worked effectively. Instead of relying on the standard jira-users group, I created a custom group, like ‘project-specific-users’. This new group was assigned only the essential global permissions needed for login, while the Browse Projects permission was removed. Subsequently, within the project’s permission scheme, I specifically granted Browse Projects and other necessary permissions to this custom group. This way, users are able to log in but will only have visibility to the intended project, effectively streamlining user management.
yeah, 4.4 can be tough! so what i did was add them to the jira-users group. then i went to project > permissions and set up a role like ‘temp-users’. just make sure to remove browse permissions from the Everyone group and assign it to your new role. it’s simple to manage!