-
Suggestion
-
Resolution: Unresolved
-
22
-
Problem Definition
Currently, on an Organization, any Org administrators can:
- Add or remove domains.
- Add or remove organization admins.
- Perform any of the actions listed in Managed accounts.
- Subscribe to Atlassian Access and apply security policies on all managed accounts.
- Be added to existing organizations.
As per customer feedback, there should be a more granular approach of the Organization administrators permissions as in many cases the original Organization administrators may only want to grant access to the Managed accounts section to new administrators so they can help on managing users without having the ability to alter billing details or changing any other configuration.
Suggested Solution
Implement a level of access within the Organization where "super" admins(the creator of the Organization) can select which level of access the other admins will get.
Current documentation
- is duplicated by
-
- Gathering Interest
- mentioned in
-
Page Failed to load
-
Page Failed to load
-
Page Failed to load
-
Page Failed to load
-
Page Loading...
-
- relates to
-
[ACCESS-598] Add level of access for Organization administrators
Additional context from our Atlassian admin team members:
We'd like the ability to create custom roles across the cloud products w/ a custom set of permissions. Our goal would be to create custom read-only roles for use by our support teams and internal customers to provide them with visibility to items normally only accessible with admin access.
Today you can only create custom roles for Jira/Confluence and even those roles have a limited set of permissions to choose from. We'd ideally like to create read-only roles, some that would have read-only access to content normally only visible to a site or org admin, and others that would have read-only access to some jira admin settings (but not the ability to modify project permissions).
Would recommend retitling this request to be something more akin to "Allow for custom Organizational admin roles and entitlements."
The three levels of admins (org, site, product) are causing some issues for us. The team responsible for access and hence the org owner is a central IT team. For compliance reasons, they cannot grant me access as org admin - which makes sense. However, only an org admin can make certain modifications that are not their responsibility, such as:
- managing sandboxes
- creating new Jira sites
- managing release tracks
These actions should be available to the site/product owners and not tied to access management.
I've reopened the request to see if it gathers more interest. Please do vote/watch on this ticket - as we use those fields to determine activity.
Please reopen this feature request - more granular Org Admin capabilities are required for managing multiple sites across our business.
Hi everyone,
Thank you for bringing this suggestion to our attention.
As explained in our new feature policy, there are many factors that influence our product roadmaps and determine the features we implement. When making decisions about what to prioritize and work on, we combine your feedback and suggestions with insights from our support teams, product analytics, research findings, and more. This information, combined with our medium- and long-term product and platform vision, determines what we implement and its priority order.
Unfortunately, as a result of inactivity (no votes or comments for an extended period of time), this suggestion didn’t make it to the roadmap and we are closing it.
While this issue has been closed, our Product Managers continue to look at requests in https://jira.atlassian.com as they develop their roadmap, including closed ones. In addition, if you feel like this suggestion is still important to your team please let us know by commenting on this ticket.
Thank you again for providing valuable feedback to our team!
Your input in the comments helps us understand how this affects you and what you're hoping to accomplish.
This suggestion is a priority for our development team, but I am not able to provide an accurate estimate for when this will be resolved. We will update this issue as soon as we can confidently project a release.
Please don't hesitate to contact me if you have any questions.
Regards,
Avni Barman
Email
Product Manager, Atlassian Access
I agree completely that the existing limitations imposed on site admins don't seem helpful.
Having run a 'Server' instance for appx 6 years (including amalgamating two company instances as well as all the tother daily admin requirements) then migrated to a cloud instance late last year (where I had full control of the Cloud system initially) I now find that having been pulled into the larger 'Enterprise/organisation' scenario.. I have lost the ability to
a) Manage Sandboxes
b) View upcoming beta release information
c) Apply for a Beta programs for the sites I manage
With all of the above being privvy only to those granted 'organisation admin' rights.
To be clear: Our 'organisation admin' people are not 'Atlassian product experts' - they are the people that ultimately manage the billing of the products but they do not have the wealth of experience that our site admins have.
Being pulled into a large organisation structure has therefore presented a 'backwards step' in terms of site management - whereby a site admin now has to ask a layer of people who are in general only looking to perform billing functions to perform system administration on their behalf.
I could 'apply' to the organisation admins to become and org admin myself - but then presumably that would grant me additional access to items that I genuinely have no interest (or right) to see - so that's not the 'right' solution (from a security perspective).
Can you please consider revamping these permissions to provide the granular ability for org admins to grant additional permissions to site admins such as those outlined above.
Thanks - Steve