Create a read-only user in Jira Cloud
プラットフォームについて: Cloud のみ - この記事は クラウド プラットフォームのアトラシアン製品に適用されます。
要約
You want to add one (or more) external user(s) to your Jira instance. However, they should only have access to certain project(s) and only have specific permissions.
Creating read-only users requires granting them a Jira license.
This approach is different than managing anonymous or public access. Allowing anonymous project visibility means the project is publicly visible on the internet, whereas using read-only users will require users to have an Atlassian account, a Jira license on the site, and for them to log in to the site to view the project.
Restrict all project access, then grant specific "read-only" permissions
These steps cover company-managed projects only. See below for steps covering team-managed projects.
We need to restrict all projects to your internal users, and then grant specific permissions to the external users. The process involves several steps but is reliable and secure.
To achieve this, we'll need to create a group, a project role, and finally make changes to all projects' permission schemes. Let's break this into steps:
Create a Group
- Navigate to
Settings > User management
- Create a new group (example: readonly-users) and grant it product access to Jira
- See also Give users access to products
- Go to User Administration > Product access
- Select Add group for the target product
- Choose the newly created group from the list
- Add group
- Add any external user(s) to only the readonly-users group
Create a Project Role
- Return to your Jira site
- Navigate to
Select Project roles
Under Add Project Role at the bottom of the page, enter your desired role's name (example: readonly-users-role) and a description
- Click the Add Project Role button
- By using a project role you'll be able to reuse the Permission Scheme between different projects that have different read-only users
- A project role also allows you to grant single users from the readonly-users group access to a project
- A good approach is to restrict the role as much as possible and add permissions as needed
Adjust your Permission Schemes
For all projects not visible by external users
- Navigate to
- Ensure the Browse Projects and Administer Projects permissions are not set to "Any logged in user" or to users with "Application access" to Jira
- Add permission to Browse Projects to your Jira default access group - where all Jira users, except the restricted user(s), exist
For projects visible by external users
- Add the readonly-users-role project role to the Browse Projects permission
- Optional: you can also add the project role readonly-users-role to add other permissions you might want the external user(s) to have, such as create issues, edit issues, etc
Make sure the Permission scheme(s) where you added the readonly-users-role is not shared with projects other than the project(s) you want the external users to see. (You can read more about permission schemes in our documentation)
Add the external users to your project
- Go to your project and select Project settings > People
- Click Add people
- You can add:
- specific user(s) from the group and assign them the project role of readonly-users-role
- the group readonly-users and assign it the readonly-users-role
Read-only users for team-managed projects
If you also have team-managed projects on your site, for each project, you'll also need to make changes on Project settings > (Internal) Access to restrict its access to private.
If you want to allow external users to view a team-managed project, create a new project role with limited permissions (Create a role in your team-managed service project) and add them to your project.