robotsnoindex

When multiple users in your organization need the same permissions or restrictions, you can add the users to a group and then give the groups product access.

You can't add Jira Service Management portal only customers (i.e. those submitting service project requests) to any groups. Learn more about managing portal only customers

Create groups

  1. Log in to admin.atlassian.com.

  2. From your organization, select Directory > Groups from the left side of the page.

  3. Select the Create group button to create a new group.

  4. Enter the Group’s name, add the Group’s members, and enter the Group's description.

    • A group’s name cannot be changed after being created. You will need to create a new group with a different name.

  5. Select Create.

  6. You’ll be redirected to the Groups details page where you can add products to the group and give group members product access. Select Add products to view a list of products.

  7. From the Product roles dropdown for a Product, select a product role.

  8. Select Add.

Edit and delete groups

  1. Log in to admin.atlassian.com.

  2. From your organization, select Directory > Groups from the left side of the page.

  3. Select a group from the list to edit or delete.

    • Edit the group description by selecting the 3 dot icon to the right of Add group members > Edit description.

    • Edit the group's product access by clicking Edit group's access under Group access. See Update product access settings for more details.

    • Delete the group by selecting the 3 dot icon to the right of Add group members > Delete group.


You can’t delete groups marked as Default access group.


Update group membership

  1. Log in to admin.atlassian.com.

  2. From your organization, select Directory > Groups from the left side of the page.

  3. Select a group from the list where you want to add or remove users.

    • To add users to the group, select Add group members, select the users you’d like to add, then press the Add button.

    • To remove users from the group, select the 3 dot icon for a User > Remove member from group > Remove from group to confirm.

Default groups and permissions

Users are automatically placed in default groups ([product]-users-<sitename> e.g. Jira-Software-users-atlassian.com) when you invite users to a cloud product. The [product]-users-<sitename> group allows users to access the product with basic permissions. You can further restrict users' access within a product with the product's permissions.

Depending on when you created your site, there might be slight differences in your site’s default groups.

For instances created after August 2021

In this product

Default groups

Default permissions

Org-wide groups

site-admins

Contains users who manage all your sites and the organization. The following default permissions are available for site-admins:

  • All permissions assigned to the 'administrators' group for the products you have.

  • Access to user management (ability to create new users, assign users to groups, grant product access, etc.).

  • Access to billing information.

  • Access to all organization level settings.

  • Access to all site level settings.

  • Access to all the products in the site.

Users with these permissions are considered organization administrators for documentation and support purposes.

Jira Software

jira-software-users-<site-name>

Grants access to the Jira Software product under <site-name>.

Assigns all members the 'Users' project role, which allows members to see all project issues (unless protected by a security level) and create new issues.

Jira Service Management

jira-servicemanagement-users-<sitename>

Manages license allocation for Jira Service Management.

Members of this group count towards the Jira Service Management license. This group has the ‘Jira Service Desk agent access’ global permission.

Jira Work Management

jira-workmgmt-users-<sitename>

Grants access to the Jira Work Management product under <site-name>.

Assigns all members the ‘Users’ project role, which allows members to see all project issues (unless protected by a security level) and create new issues.

Jira Administration

jira-admins-<sitename>

The default permissions granted to this group depend on the products you have. For example, if you have Jira products only, the group permissions will include only the Jira product permissions.

In Jira products:

  • The ‘Jira Administrators’ global permissions.

  • A member of the ‘Administrators’ project role, which allows members to edit project versions and manage project content (delete issues, comments, and manage watchers).

Confluence

confluence-users-<sitename>

Assigns the global permission to create and view Confluence content for the project, and create personal and global spaces.

confluence-admins-<sitename>

This group has the 'Confluence Administrator' global permission.

Confluence admins are granted the ‘confluence-users’ default permissions.

Users in the 'administrators' group have product access to Jira products, and therefore, require a Jira license. If you have users in the 'administrators' group that you don't need/want to take up a Jira license, you can create a new group, such as 'confluence-admins,' that you can use for admins that don't require a Jira license.

Opsgenie

opsgenie-users-<sitename>

The permission to access the Opsgenie product, which may include creating and editing Opsgenie alerts and schedules.

Statuspage

statuspage-users-<sitename>

The permission to access the Statuspage product and view any pages.

statuspage-admins-<sitename>

The permission to access the Statuspage product and manage user access to pages.

For instances created before August 2021

In this productDefault groupsDefault permissions
Site-wide groupsusers

For instances created before February 2014, this was the default group that new users were added to. In instances created after that date, all new users will be added to the '[product]-users' group for the product(s) they have access to instead of the 'users' group.

The default permissions granted to this group depend on the products you have in your service (for example, if you have Jira products only, the group permissions will include only the Jira product permissions).

In Jira products:

  • the 'Jira Users' and 'Bulk Change' global permissions.
    • 'Jira Users' allows users to log in to Jira
    • 'Bulk Change' allows users to bulk edit issues.
  • a member of the 'users' project role, which allows members to see all project issues (unless protected by a security level or a custom project permission scheme) and create new issues.

In Confluence:

  • the permission to create and view Confluence content for the project, create personal and global spaces

jira-developers

In Jira products:

  • the 'Browse Users', 'Create Shared Filter' and 'Manage Group Filter Subscriptions' global permissions in Jira.
  • a member of the 'Developers' project role, which allows members to edit, move, assign, be assigned, link, work on, resolve and close issues.

Typically, you add users who work on issues to this group. You can add users to this group from the Users page.

This group is named 'developers' in Jira instances created earlier than February 2014.



administrators

The default permissions granted to this group depend on the products you have (for example, if you have Jira products only, the group permissions will include only the Jira product permissions).

In Jira products:

  • the 'Jira Administrators' global permissions.
  • a member of the 'Administrators' project role, which allows members to edit project versions and manage project content (delete issues, comments, manage watchers).

In Confluence:

Users in the 'administrators' group have product access to Jira products, and therefore, require a Jira license. If you have users in the 'administrators' group that you don't need/want to take up a Jira license, you can create a new group, such as 'confluence-admins,' that you can use for admins that don't require a Jira license.

trusted-users-<id>

The users in this group have the Trusted role.

  • In Jira products:

    • the 'Jira Administrators' global permissions.

    • a member of the 'Administrators' project role, which allows members to edit project versions and manage project content (delete issues, comments, manage watchers).

  • In Confluence:

  • product user permissions.

  • the ability to invite users.

This group is not visible on the Groups page of your site. Users get added to this group when you set their role via the Role selector on the Invite users page or the user details page. This group is visible from the Jira and Confluence global permissions.

site-admins

Site-admins are the users who manage a site. The following permissions are currently available to site-admins:

  • All permissions assigned to the 'administrators' group for the product(s) you have
  • Access to user management (ability to create new users, assign users to groups, grant product access, etc.)
  • Access to billing information.

Users with this permission are considered site administrators for documentation and Support purposes, and they have access to all the products in the site

All Jira products

jira-users

The 'Jira Users' and 'Bulk Change' global permissions.

  • 'Jira Users' allows users to log in to Jira
  • 'Bulk Change' allows users to bulk edit issues.

A member of the 'Users' project role, which allows members to see all project issues (unless protected by a security level) and create new issues.

jira-administrators

The same default permissions assigned to the 'administrators' group, for only Jira products.

  • the 'Jira Administrators' global permissions.

  • a member of the 'Administrators' project role, which allows members to edit project versions and manage project content (delete issues, comments, manage watchers).

Jira Software

jira-software-users

A member of the 'Users' project role, which allows members to see all project issues (unless protected by a security level) and create new issues.

Jira Service Management

service-desk-agents

Jira Service Management uses this group to manage license allocation. Users in this group count towards the Jira Service Management license.

Confluenceconfluence-usersthe permission to create and view Confluence content for the project, create personal and global spaces
Opsgenieopsgenie-usersthe permission to access the Opsgenie product, which may include creating and editing Opsgenie alerts and schedules.

In addition to these groups, there is a default group that is used by Atlassian support staff. You can't edit this group or add users to it:

  • system-administrators

The 'sysadmin' user from this group can log into your site to provide support to you and to perform certain system maintenance tasks. This user automatically has full product access but does not count towards your license limit, no matter which groups it is placed in.

The account is only used by Atlassian. You may notice logins by this user even without having raised a support request. This is because certain types of system maintenance involve our automated systems performing tasks using this account.