Create and update groups

We’re currently rolling out changes that affect the content on this page. From your organization at admin.atlassian.com, if the Users list and Groups list are under the Directory tab, you have the improved user management experience. We’ll note changes for the improved experience in the content below.

A diagram of an new admin.atlassian.com view that shows a new Directory tab instead of Users and Groups

When multiple users in your organization need the same permissions or restrictions, you can add the users to a group and then give the groups product access. You must be a site admin or organization admin to create and manage groups using admin.atlassian.com.

You can't add Jira Service Management portal-only customers (i.e. those submitting support service project requests) to any groups. Learn more about managing portal only customers

Create a group

To create a new group:

Go to admin.atlassian.com. Select your organization if you have more than one.
Select the site's name and URL to open the Admin for that site, then select Groups.
This step is different if you have the improved user management experience.
Select Directory > Groups.
Select Create group.
Enter the group’s details, including its name and members.
Select Create.

You’ll be redirected to the group detail screen. To give the group product access:

Select Add products.
Select a product role from the Product roles dropdown.
Select Add.

Edit a group

To edit the group name and description:

Go to admin.atlassian.com. Select your organization if you have more than one.
Select the site's name and URL to open the Admin for that site, then select Groups.
This step is different if you have the improved user management experience.
Select Directory > Groups.
Select the group with the details you want to edit.
Select the More actions icon (•••) next to Add group members.
1. This feature is only available if you have the improved user management. Select Edit group name to rename the group.
2. Select Edit description to change the description.
Select Save changes.

Editing groups names is currently a beta feature, here’s some things to keep in mind:

You can only edit group names if your organization has the improved user management experience.
You can’t edit the name of a group if it's used within some Jira administration settings or if it has a restricted or protected name. Some group name changes could have an impact on your apps.
If you edit a group name associated with a Jira Cloud automation rule it will stop working.

Learn more about group name changes

To manage or remove product access from a group:

Go to admin.atlassian.com. Select your organization if you have more than one.
Select the site's name and URL to open the Admin for that site, then select Groups.
This step is different if you have the improved user management experience.
Select Directory > Groups.
Select the group with the details you want to edit.
1. To manage product access: In the Group product access table, select another role in the Product roles dropdown for the relevant product.
2. To remove product access: In the Group product access table, select the More actions icon (•••) next to the relevant product and select Remove product from group.

Delete a group

To delete a group:

Go to admin.atlassian.com. Select your organization if you have more than one.
Select the site's name and URL to open the Admin for that site, then select Groups.
This step is different if you have the improved user management experience.
Select Directory > Groups.
Select the group you want to delete.
Select the More actions icon (•••) next to Add group members.
Select Delete group.
Confirm that you want to delete this group, then select Delete group.

You can’t delete a group if it’s marked as a Default access group.

Update group membership

To add users to a group:

Go to admin.atlassian.com. Select your organization if you have more than one.
Select the site's name and URL to open the Admin for that site, then select Groups.
This step is different if you have the improved user management experience.
Select Directory > Groups.
Select the group that you want to add users to.
Select Add group members and search for the users you want to add.
Select Add users.

To remove users from a group:

Go to admin.atlassian.com. Select your organization if you have more than one.
Select the site's name and URL to open the Admin for that site, then select Groups.
This step is different if you have the improved user management experience.
Select Directory > Groups.
Select the group that you want to remove users from.
In the user table, select the More actions icon (•••) for the user you want to remove.
Select Remove member from group.
Confirm that you want to remove this user, then select Remove from group.

Default groups and permissions

Users are automatically placed in default groups (formatted as [product-name]-users-<sitename> e.g. Jira-Software-users-atlassian.com) when you invite users to a cloud product. These default groups allow users to access the product with basic permissions. Each product must have at least one default access group and it’s possible to have more than one. You can further restrict users' access within a product by using the product's permissions.

Depending on when you created your site, there might be slight differences in your site’s default groups.

The default groups in this table may be different for your organization. For example, an admin may have deleted the automatically created jira-software-users-atlassian.com default group, and moved all users to jsw-users-atlassian.com, a new default group.

For instances created after August 2021

In this product	Default groups	Default permissions
Org-wide groups	site-admins	Contains users who manage all your sites and the organization. The following default permissions are available for site-admins: All permissions assigned to the 'administrators' group for the products you have. Access to user management (ability to create new users, assign users to groups, grant product access, etc.). Access to billing information. Access to all organization level settings. Access to all site level settings. Access to all the products in the site. Users with these permissions are considered organization administrators for documentation and support purposes.
Jira Software	jira-software-users-<site-name>	Grants access to the Jira Software product under <site-name>. Assigns all members the 'Users' project role, which allows members to see all project issues (unless protected by a security level) and create new issues.
Jira Service Management	jira-servicemanagement-users-<sitename>	Manages license allocation for Jira Service Management. Members of this group count towards the Jira Service Management license. This group has the ‘Jira Service Desk agent access’ global permission.
Jira Work Management	jira-workmgmt-users-<sitename>	Grants access to the Jira Work Management product under <site-name>. Assigns all members the ‘Users’ project role, which allows members to see all project issues (unless protected by a security level) and create new issues.
Jira Administration	jira-admins-<sitename>	The default permissions granted to this group depend on the products you have. For example, if you have Jira products only, the group permissions will include only the Jira product permissions. In Jira products: The ‘Jira Administrators’ global permissions. A member of the ‘Administrators’ project role, which allows members to edit project versions and manage project content (delete issues, comments, and manage watchers).
Confluence	confluence-users-<sitename>	Assigns the global permission to create and view Confluence content for the project, and create personal and global spaces.
Confluence	confluence-admins-<sitename>	This group has the 'Confluence Administrator' global permission. Confluence admins are granted the ‘confluence-users’ default permissions. Users in the 'administrators' group have product access to Jira products, and therefore, require a Jira license. If you have users in the 'administrators' group that you don't need/want to take up a Jira license, you can create a new group, such as 'confluence-admins,' that you can use for admins that don't require a Jira license.
Opsgenie	opsgenie-users-<sitename>	The permission to access the Opsgenie product, which may include creating and editing Opsgenie alerts and schedules.
Statuspage	statuspage-users-<sitename>	The permission to access the Statuspage product and view any pages.
Statuspage	statuspage-admins-<sitename>	The permission to access the Statuspage product and manage user access to pages.
Trello	trello-users-<enterprise_name>	The permission to access the Trello product and view the default workspace.
Trello	trello-admins-<enterprise_name>	The permission to access the Trello product and manage user access to workspaces.

For instances created before August 2021

In this product	Default groups	Default permissions
Site-wide groups	users	For instances created before February 2014, this was the default group that new users were added to. In instances created after that date, all new users will be added to the '[product]-users' group for the product(s) they have access to instead of the 'users' group. The default permissions granted to this group depend on the products you have in your service (for example, if you have Jira products only, the group permissions will include only the Jira product permissions). In Jira products: the 'Jira Users' and 'Bulk Change' global permissions. 'Jira Users' allows users to log in to Jira 'Bulk Change' allows users to bulk edit issues. a member of the 'users' project role, which allows members to see all project issues (unless protected by a security level or a custom project permission scheme) and create new issues. In Confluence: the permission to create and view Confluence content for the project, create personal and global spaces
Site-wide groups	jira-developers	In Jira products: the 'Browse Users', 'Create Shared Filter' and 'Manage Group Filter Subscriptions' global permissions in Jira. a member of the 'Developers' project role, which allows members to edit, move, assign, be assigned, link, work on, resolve and close issues. Typically, you add users who work on issues to this group. You can add users to this group from the Users page. This group is named 'developers' in Jira instances created earlier than February 2014.
	administrators	The default permissions granted to this group depend on the products you have (for example, if you have Jira products only, the group permissions will include only the Jira product permissions). In Jira products: the 'Jira Administrators' global permissions. a member of the 'Administrators' project role, which allows members to edit project versions and manage project content (delete issues, comments, manage watchers). In Confluence: the 'Confluence Administrator' global permissions Users in the 'administrators' group have product access to Jira products, and therefore, require a Jira license. If you have users in the 'administrators' group that you don't need/want to take up a Jira license, you can create a new group, such as 'confluence-admins,' that you can use for admins that don't require a Jira license.
	trusted-users-<id>	The users in this group have the Trusted role. In Jira products: the 'Jira Administrators' global permissions. a member of the 'Administrators' project role, which allows members to edit project versions and manage project content (delete issues, comments, manage watchers). In Confluence: the 'Confluence Administrator' global permissions. product user permissions. the ability to invite users. This group is not visible on the Groups page of your site. Users get added to this group when you set their role via the Role selector on the Invite users page or the user details page. This group is visible from the Jira and Confluence global permissions.
	site-admins	Site-admins are the users who manage a site. The following permissions are currently available to site-admins: All permissions assigned to the 'administrators' group for the product(s) you have Access to user management (ability to create new users, assign users to groups, grant product access, etc.) Access to billing information. Users with this permission are considered site administrators for documentation and Support purposes, and they have access to all the products in the site
All Jira products	jira-users	The 'Jira Users' and 'Bulk Change' global permissions. 'Jira Users' allows users to log in to Jira 'Bulk Change' allows users to bulk edit issues. A member of the 'Users' project role, which allows members to see all project issues (unless protected by a security level) and create new issues.
All Jira products	jira-administrators	The same default permissions assigned to the 'administrators' group, for only Jira products. the 'Jira Administrators' global permissions. a member of the 'Administrators' project role, which allows members to edit project versions and manage project content (delete issues, comments, manage watchers).
Jira Software	jira-software-users	A member of the 'Users' project role, which allows members to see all project issues (unless protected by a security level) and create new issues.
Jira Service Management	service-desk-agents	Jira Service Management uses this group to manage license allocation. Users in this group count towards the Jira Service Management license. the 'Jira Service Desk agent access' global permission
Confluence	confluence-users	The permission to create and view Confluence content for the project, create personal and global spaces
Opsgenie	opsgenie-users	The permission to access the Opsgenie product, which may include creating and editing Opsgenie alerts and schedules.
Trello	trello-users-<enterprise_name>	The permission to access the Trello product and view the default workspace.
	trello-users-<enterprise_name>	The permission to access the Trello product and manage user access to workspaces. Learn about Trello Enterprise names
Statuspage	statuspage-users	The permission to access the Statuspage product and view any pages.
Statuspage	statuspage-adminstrators	The permission to access the Statuspage product and manage user access to pages.

In addition, there's a default group system-administrators used by Atlassian Support staff. You can't edit this group or add users to this group.

The 'sysadmin' user from this group can log in to your site to provide support to you and to perform certain system maintenance tasks. This user automatically has full product access but does not count towards your license limit, no matter which groups it is added to.

The account is only used by Atlassian. You may notice logins by this user even without having raised a support request. This is because certain types of system maintenance involve our automated systems performing tasks using this account.

Was this helpful?

It wasn't accurate

It wasn't clear

It wasn't relevant