• 4,558
    • 290
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.

      Atlassian Update – 25 November 2024

      Hi everyone,

      Thank you for taking the time to share your challenges around identifying where groups are utilised within Jira. After a thorough review by the team, we have decided that we will not be able to implement this suggestion in the next 12-18 months. We will be maintaining this ticket's status as "Gathering Interest" in order to continue learning from all of you about pain points and challenges relating to this suggestion, and will continue to re-visit this ticket in our ongoing product planning.

      We understand that this is not the update you may have been hoping for, especially given the longstanding nature of this issue. Please don't hesitate to contact me if you have any questions or feedback.

      Regards,
      Aditi Dalal
      adalal@atlassian.com
      Product Manager, Jira Cloud

      In the project role menu, we have the option to see the usage of the role per project. It would be useful, if we have this same option to check usage for groups, this way the Jira administrator could check the access of a specific group for each project.

      Workaround

      An alternative way is to leverage Jira cloud REST Api to get the details to check if a group is being used in a permission scheme. See below for sample script.

            [JRACLOUD-71967] Group usage - List of project permission per group

            I don't understand why this can't be prioritized in 2025...

            Many of your customers (particularly Enterprise customers) have to comply with ISO27001 which require activities like regularly reviewing access control policies and procedures.

            This is almost impossible to do in admin.atlassian.com and the tools without manually reviewing groups and permissions individually. Understanding what adding / removing groups will do to permissions and product access is a minefield.

            Also, I'm conscious that working on this functionality will not make Atlassian any more money. It's not a new product, it's unlikely to encourage users to add more users, it's just making an existing product align with user expectations and value.

            If this ever gets worked on and is paywalled behind an Enterprise only feature, I will be deeply disappointed.

            Dave Meredith added a comment - I don't understand why this can't be prioritized in 2025... Many of your customers (particularly Enterprise customers) have to comply with ISO27001 which require activities like regularly reviewing access control policies and procedures. This is almost impossible to do in admin.atlassian.com and the tools without manually reviewing groups and permissions individually. Understanding what adding / removing groups will do to permissions and product access is a minefield. Also, I'm conscious that working on this functionality will not make Atlassian any more money. It's not a new product, it's unlikely to encourage users to add more users, it's just making an existing product align with user expectations and value. If this ever gets worked on and is paywalled behind an Enterprise only feature, I will be deeply disappointed.

            Hi, yes this is a real pain to manage the groups properly especially when you try to perform a clean up.

            Tomáš Horký added a comment - Hi, yes this is a real pain to manage the groups properly especially when you try to perform a clean up.

            Yeah, let's have AI that hallucinates me some Automation features that don't even exist rather than the ability to find out in which projects a group is permitted - a basic feature as mentioned by so many before.
            This is why people I know have become reluctant to use Atlassian Cloud products.

            Paul Hanetzog added a comment - Yeah, let's have AI that hallucinates me some Automation features that don't even exist rather than the ability to find out in which projects a group is permitted - a basic feature as mentioned by so many before. This is why people I know have become reluctant to use Atlassian Cloud products.

            Please Atlassian gert this done sooner than later - it is a security standard to have this. 

            How are we supposed to perform effectxive auditing and cleanup on user permissions? 

            Sussi Åström added a comment - Please Atlassian gert this done sooner than later - it is a security standard to have this.  How are we supposed to perform effectxive auditing and cleanup on user permissions? 

            Obviously this is a sorry gap in what is easily considered a critical function. I'd like to suggest that this feature, when built must go beyond group permissions.

            • Groups are used in workflow validators, conditions.
            • Groups are used in issue security schemes.
            • Groups are used in automations.

            This is a huge feature, but critical to making the management of groups over time possible.

            Chris Garstin added a comment - Obviously this is a sorry gap in what is easily considered a critical function. I'd like to suggest that this feature, when built must go beyond group permissions. Groups are used in workflow validators, conditions. Groups are used in issue security schemes. Groups are used in automations. This is a huge feature, but critical to making the management of groups over time possible.

            Christian Winter added a comment - - edited

            Dear Atlassian Team,

            please consider at least to implement the group usage as it was in Jira Server/DC. I am referring to this setting: 

            This still lacks the option to see, where a group has project roles but would definitely be a good first step to make it a bit easier for customers to identify group usage in the Cloud. 

            In Jira Cloud the only way for customers to currently identify group usage to some extend is through the REST API, as SQL is not an option in the Cloud. Or Atlassian Support is kind enough to execute the SQL Statements...

            But in my opinion utilizing the REST API ( through curl or Python Scripts) shouldn't be the first step for customers that they need to rely on. It would be better if there would be at least some fundamental reporting features through the GUI for group usage. (perhaps in Atlassian Administration > groups > open a group > three dots > show group usage). 

            Or implementing something similar for Jira like the admin tool "User access" that can be found in Confluence Cloud, that allows to create a CSV report, to get a high-level overview in which spaces a group is being used. 

            Kind regards,

            Christian Winter 

            Christian Winter added a comment - - edited Dear Atlassian Team, please consider at least to implement the group usage as it was in Jira Server/DC. I am referring to this setting:  see picture under purpose heading: https://confluence.atlassian.com/jirakb/how-to-identify-group-usage-in-jira-441221524.html This still lacks the option to see, where a group has project roles but would definitely be a good first step to make it a bit easier for customers to identify group usage in the Cloud.  In Jira Cloud the only way for customers to currently identify group usage to some extend is through the REST API, as SQL is not an option in the Cloud. Or Atlassian Support is kind enough to execute the SQL Statements... But in my opinion utilizing the REST API ( through curl or Python Scripts) shouldn't be the first step for customers that they need to rely on. It would be better if there would be at least some fundamental reporting features through the GUI for group usage. (perhaps in Atlassian Administration > groups > open a group > three dots > show group usage).  Or implementing something similar for Jira like the admin tool "User access" that can be found in Confluence Cloud, that allows to create a CSV report, to get a high-level overview in which spaces a group is being used.  Kind regards, Christian Winter 

            5+ years gathering interest for one of the most basics IT Controls Request in the Enterprise World.

            wow Atlassian...

            Marc Schmit added a comment - 5+ years gathering interest for one of the most basics IT Controls Request in the Enterprise World. wow Atlassian...

            +1 to wanting this feature implemented.

            Karson Fitzgerald added a comment - +1 to wanting this feature implemented.

            Jochen Wirth added a comment - - edited

            How can I filter an which tickets is worked on the next 12-18 month. I am really curious what is the focus of Atlassian is. 

            Jochen Wirth added a comment - - edited How can I filter an which tickets is worked on the next 12-18 month. I am really curious what is the focus of Atlassian is. 

            Well I guess this one is probably on track for delivery ten years after submission.

            Rick Westbrock added a comment - Well I guess this one is probably on track for delivery ten years after submission.

              jthomas@atlassian.com Justin Thomas
              lmenezes Lele (Inactive)
              Votes:
              824 Vote for this issue
              Watchers:
              428 Start watching this issue

                Created:
                Updated: