When a company grows and reach a large number of employees, it's usual to have a team responsible to give access to the tools adopted by the company. Jira and Confluence are some of them.

Currently, it's necessary to give a site-admin permission (too broad) to the group of users that will create, remove, set permission of other users accounts.

The suggestion here is to create a new group (suppose user-management) that allows a set of users the permission to manage other user accounts.

• Only site-admins could give those permissions.
• It could be a global permission (no projects permission involved).