Manage automatic access to Goals and Projects
As we roll out Goals and Projects, some customers will find their users are able to create and view goals and projects from day one. If this applies to your organization, this means we enabled automatic access for Goals and Projects in your organization. Organization admins can disable and re-enable automatic access to Goals and Projects at any time.
Not all organizations will have automatic access. Organization admins can always grant access to Goals and Projects manually. Give users access to apps
How automatic access works
Automatic access grants Goals and Projects access for anyone who has access to another Atlassian app.
Specifically, we add Goals and Projects to the default groups in Atlassian Administration for the following roles:
App | Roles |
|---|---|
Compass |
|
Confluence |
|
Focus |
|
Jira |
|
Jira Product Discovery |
|
Jira Service Management |
|
Opsgenie |
|
Statuspage |
|
Troubleshooting
You may run into these scenarios when you have automatic access enabled. We’ll explain how you can resolve these issues.
Removing access to Goals or Projects removes access to other apps
When your organization has automatic access enabled for Goals, we add Goals to the default groups above. Each group now grants the same role for Goals that they granted to the existing app. When you remove a user’s access to Goals, we remove the user from these default groups. This means they also lose access to other apps that these groups granted.
The same logic applies to automatic access for Projects.
Example
Alex is part of the Confluence user default group. Goals has automatic access enabled. This means the Confluence user default group also grants its members the user role for Goals.
When an admin removes Alex’s access to Goals:
We remove Alex from the Confluence user default group because it also grants access to Goals.
Consequently, Alex also loses access to Confluence.
Solution
You can avoid this by disabling automatic access, which will remove Goals or Projects from the default groups above. This lets you manage access to Goals and Projects independent of other apps.
User access admins can’t add or remove users for their app
When your organization has automatic access enabled for Goals, we add Goals to the default groups above. Each group now grants the same role for Goals that they granted to the existing app. If someone’s user access admin role isn’t granted by a default group*, they don’t become user access admins for Goals automatically. As a result, they can’t add users to or remove them from their app because the app’s default user group also grants access to Goals, which they don’t administer.
The same logic applies to automatic access for Projects.
*Organizations that previously had the original user management experience may find their user access admin roles are granted by a non-default group called user-access-admins-{site}.
Solution
Add Goals or Projects to the group that grants the user access admin role. If you don’t want to do this, disable automatic access. This lets you manage access to Goals and Projects independent of other apps.
Was this helpful?