Tempo logotype
7 min read

Jira best practices: Configuring Jira permission schemes

Limit access to sensitive tasks and information within your project management tool using Jira permission schemes at the global and project levels.
From Team '23

Tempo Team

A successful project delivery requires strict control over who does what and when. Project administrators and managers are responsible for planning, tracking, and managing work. Jira permission schemes are an invaluable regulatory tool for defining how team members can access information and perform actions within a project.

Familiarity with Jira permissions ensures task accountability, documentation rigor, and transparency, so you and your team aren’t surprised by unauthorized changes to the project. 

What is a permission scheme in Jira?

Permission schemes are a powerful tool within Atlassian’s Jira Cloud and related applications like Jira Service Management (JSM), an ITSM tool. They are rules established by administrators that determine who can access information or perform actions within the instance or individual projects. 

When establishing a permission scheme, admins consider two factors:

  • Role-based access: Access to actions or features usually depends on the user’s role. For example, Jira administrators grant project managers access to the complete range of actions, whereas team members can only create or comment on an issue.  

  • Security requirements: If your group is working on a sensitive project, administrators can limit access to documentation or features within the Jira software to approved team members and third-party stakeholders.

How do Jira permission schemes work?

Jira administration establishes and customizes permission schemes for each project within the platform. Each scheme organizes a set of permissions into levels, determining a user’s access to specific actions within Jira based on their position within the project hierarchy.

When a user attempts to execute an action, Jira checks the scheme to determine whether they have the correct permission level. If Jira admins grant access, the user can complete the task. Otherwise, the platform blocks the activity. 

Sign up for a demo

Register

Determining permission assignments

Within Jira, administrators manage user permissions according to an employee’s project role. This functionality offers a flexible, efficient way to regulate access to Jira features.

Administrators establish permission assignments for the following:

Users

A user is any person who can log into Jira. These individuals are automatically added to a default group and assigned a project role. 

Groups

Groups are collections of users that require the same Jira access or restriction level. They are customized and managed globally by the Jira administrator, who adds users based on the level of access they need to fulfill their responsibilities. Project administrators or managers are responsible for adding groups to a project and establishing their roles within it. 

Project roles

Project roles are a flexible way of associating a user or group with a particular project and related responsibilities. Unlike Jira groups, roles are project-specific and established by the project manager. 

The most common project roles include the following:

Administrators

These team members govern project activities. They receive project-specific – not global – administrative permissions.

Developers

These individuals work on issues within the project. They have permission to edit and log activities related to their work.

Users

Team members who can log issues within a project. Access is limited to viewing and commenting on issues. 

Categories of permission schemes

Within Jira applications, permission falls into one of three categories:

Global permissions

Users with Jira administrator access can configure global permissions. Usually applied to groups or users, global permissions grant access to information or actions across the entire instance rather than a single project.

Global permissions include:

  • Logging into Jira

  • Creating projects

  • Browsing user and group names

  • Performing bulk changes to multiple issues (e.g., edit, move, or delete)

Project permission

Administrators create and assign permission schemes to projects, outlining permissible user actions.

Some standard project permissions include the following:

  • Project administration rights, such as editing project roles, membership, components, or details

  • Browsing projects and viewing individual issues

  • Performing any sprint-related actions for all projects on a board

  • Viewing a project issue’s “read-only” workflow

Issue permissions

Issue permissions limit a user’s actions based on the project’s permissions and security scheme. A Jira system administrator, group user with admin access, or project administrator establishes these restrictions.

Actions that require issue permissions include:

  • Assigning issues

  • Creating new issues

  • Closing issues

  • Editing issues

  • Linking issues together

How to create and manage a permission scheme in Jira

Creating or managing a permission scheme requires Jira administration rights. Once granted, here’s how to get started:

Creating a permission scheme

To begin creating your permission scheme, log in to Jira. Once you reach your dashboard, follow these steps:

  • Select , then click “Issues”

  • Choose “Permission Schemes” from the sidebar to open the related page

  • Click “Add Permission Scheme” to launch the creation form

  • Name the new scheme and add a short description to identify it

  • Click “Add”

Voilà! You’ve created a new scheme. But you haven’t finished yet. You still need to define and grant permissions. Returning to the “Permission Schemes” page,

  • Add users, groups, and team roles and define their permissions

  • Link the permission scheme to affiliated projects

Managing permissions

You may need to modify permission schemes after creating them. Whenever administrators modify permissions, no matter the type, they change for everyone using that scheme. Although this makes updates fast and easy, it can lead to unforeseen outcomes. Double-check impacts before implementing them.

Here’s how to add users, groups, or roles in an established permission scheme:

  • Select ⛮, then click “Issues”

  • Open the “Permissions Schemes” page by clicking the link in the sidebar

  • Locate the permission scheme you wish to update and click “Permissions” in the “Actions” column to display the details

  • Click “Update” for each permission listed within the scheme to open the “Grant permission” dialogue box and review the details

  • Within the “Grant permission” dialogue box, select permission recipients. These can include individual users, groups, project roles, issue roles, and public.

Remember, some permissions are dependent on others. For example, to edit an issue, a team member must also have permission to browse the project.

Delete permissions

One type of permission requires special consideration: the ability to delete a comment, issue, or worklog. Deletion policies are often a topic of debate between those who wish to limit project information to what’s relevant for completion and those who want to preserve a complete history of conversations and decision-making. 

For example, deleting comments carries significant risks. You could lose an essential part of a comment thread, rendering other responses unintelligible. Erasing an issue could delete historical data needed to improve processes or workflow. 

Deletions only make sense when granting users permission to erase their worklog. To create a worklog in a new issue, users must first delete it from a previous ticket, which isn’t possible if that action is restricted.

Tips to master permission schemes

Mastering project permissions takes practice. Consider the following best practices to start off on the right foot:

  • Establish project-specific schemes: If you administer multiple projects, customize a project-specific scheme for each initiative rather than adopting a one-size-fits-all approach.

  • Manage access with workflow conditions: Control access to specific actions within a project by establishing workflow conditions. For example, you can require permissions for a team member to transition an issue to a new status.

  • Exert additional control with issue security schemes: Restrict access to critical issues with an issue security scheme. If a project is sensitive, you can limit access to confidential information to users with a particular security level.

  • Integrate third-party add-ons for additional functionality: The Atlassian Marketplace boasts third-party applications that extend permission scheme capabilities, such as managing permissions across multiple projects or offering additional security features.

  • Document permission schemes: Always document important permission scheme details, such as configuration data, customizations, and each user’s permission level. This information is invaluable when addressing a security breach or onboarding new team members. 

Final words

Overseeing multiple managed projects requires a massive effort. You don’t have time to micromanage everyone’s access to tools and documentation. Fortunately, Jira permission schemes let you tame potential chaos by equipping team members with appropriate access while preventing users from overstepping their roles. 

Tempo’s Capacity Planner ensures you’ve included the right people with the necessary skills in a working group. Once you’ve established your team, you can assign permissions immediately so they can hit the ground running without delay.

Explore More Content

Unified time and team management

Integration: Timesheets and Capacity Planner

Seamlessly manage project timelines and resources while accurately tracking time spent on tasks. This integration enhances visibility, improves planning accuracy, and supports data-driven decision-making for better overall project outcomes.

Learn more

Project and program management for Jira

Structure PPM

Visualize all your Jira data & manage portfolios of projects in real-time.

Learn more

Jira Portfolio Management PPM

Structure by Tempo

Jira Project Portfolio Management (PPM): Visualize data and manage projects within spreadsheet-like tables — in less than a minute

Go to marketplace

Strategic Portfolio Management

Strategic Portfolio Management

Modern modular PPM solutions that scale with your business. Align your teams with the integrated platform that bridges the gap between strategy and execution.

Learn more

Unified time and team management

Integration: Timesheets and Structure

Combining Tempo Timesheets and Structure PPM provides a unified view of time tracking and project progress, enabling more accurate reporting and effective portfolio management. Simplify workflows, enhance collaboration, and ensure projects stay on time and within budget.

Learn more
Colleagues interacting around a desk

No-Code Power BI Jira Integration

Power BI Connector for Jira

Effortlessly bridge Jira with your preferred BI tool, unlocking unparalleled insights and enhancing decision-making

Learn more

Monitor financial health at every level

Financial Manager for Timesheets

Monitor projects and portfolios to get simple, clear, and real-time views of your costs, budgets, and profits that can be shared throughout your entire organization.

Learn more

Agile at Scale Software

Agile at Scale

Adapt to changing business needs, rapidly adjust plans, and reallocate investment.

Learn more

Jira Team & Resource Management

Capacity Planner

#1 Jira Resource Management App: Optimize team allocation, skillset utilization, capacity planning & project management

Go to marketplace

Real-time collaboration and capacity planning in Jira

Capacity Planner

A powerful team resource management tool designed to optimize capacity planning and project management in Jira

Learn more

Centralize real-time plans in one view

Integration: Structure and Gantt Charts

Gain a more complete project management solution, simplifying project reporting, improving collaboration, and ensuring projects stay on time and within budget.

Learn more

Custom charts and dashboards for Jira

Custom Charts for Jira

See how work is progressing and where blockers are with the most flexible reporting app in Jira.

Learn more

Time Tracking Software for Jira

Timesheets

Tempo’s intuitive automation and Jira-native design make it the most trusted time tracking tool for enterprise organization.

Learn more

Jira Project Cost Tracking

Financial Manager

Project financial management for Jira & Timesheets. Monitor project costs, expenses, revenue, billing & budgets. Track Capex/Opex

Go to marketplace

Align your organization with proactive portfolio management

Portfolio Manager (LiquidPlanner)

Predictive scheduling and the ability to forecast project timelines and spot risks so you can meet deadlines with confidence.

Learn more

Jira Time Tracking

Timesheets by Tempo

#1 Jira Time Tracking & AI Apps: Log Tempo Timesheets for Planning, Project Management & Billing. Plugin Office365, Google & Slack

Go to marketplace

AI-enabled capacity visualization

Capacity Insights - Open Beta

Deliver visibility into how your team's time and efforts align with business objectives and project ROI - without the manual effort

Learn more

Jira ITSM Solutions with Tempo

ITSM

Build and scale a custom ITSM solution at your own pace with Tempo's modular suite of integrated tools. Enhance Jira's capabilities and take control of your entire IT portfolio.

Learn more

Take control of your projects

Integration: Portfolio Manager and Jira

Portfolio Manager integrates seamlessly with Jira to give you predictive scheduling, real-time scenario modeling, and advanced resource management – ensuring you stay on track, no matter what challenges arise.

Learn more