Support for Atlassian Server Products (and apps like BigPicture) has ended in February 2024.

Are you planning a migration to Cloud? Make sure you don't lose your BigPicture data/configurations in the process. Check out this page for information on how to migrate BigPicture's data to Cloud. If you have any questions please email

Security (Administration)

Table of contents

Permission toggle switch

The toggle switch changes BigPicture permissions only. It does NOT affect user Jira permissions.

Toggle switch on

Enabling 'Permissions for everyone' is handy for small organizations or evaluating the application. As a result, it is easier to test and learn how things work. However, switching the 'Permissions for everyone' option in a live environment may require more advanced access control. 

When enabled, every logged-in user has the same (Administrative) level of access which includes:

  • App's administration

  • Boxes and their content (depending on Jira permissions and security settings)

When you proceed to the App's Administration > Security tab, you will not be able to configure any Security roles:

The Security settings available in the Box configuration will also be turned off. 


Note: Permissions for everyone does NOT override Jira permission settings. If a user cannot access a project in Jira, they cannot bypass the lack of permissions using BigPicture. 

Users need to have access to both:

  • BigPicture

  • Jira projects

If necessary, adjust Jira project permissions (grant access to users).

Toggle switch off

When the 'Permissions for everyone' toggle switch is disabled, you can edit role permissions in the Security settings available under the App's Administration:

You will be able to implement changes to the Security settings in the Box configuration as well. 

Security settings configuration

In general, you can find information on Security settings on the following pages:

  • Box Types - this page contains information on configuring the default Security settings that work as a template when you create new Boxes and the Inheritance mode.

  • Global Roles - you are on this page - it explains the App's Administration settings and how access to the App is granted to, for example, Jira users.

  • Box configuration - this page explains what roles are available within the App and how to change them for an individual Box.

  • Security (Overview module) - this page explains the impact of setting up security Roles for the Home (root) Box and lists available roles.

You can change the global security in the BigPicture configuration. Otherwise, all users will be granted the highest level permissions. 

Besides the Jira permission and security settings, which are always respected by the app, there are two primary levels of security:

  • App-level (described on this page)

  • Box level

    • Includes the root (home) box 

    • boxes created and nested under the home box

Once the 'Permissions for everyone' option is disabled, permissions can be granted to individual users and Jira groups (Jira groups can only be created by a Jira Admin).

Security and access

Only a user with the App's admin security role can access and change the Security settings.

Navigate to Administration > Security.

Method 1:

Click the "wrench" icon at the top. Select "Security" from the dropdown list. 

Methoddropdownal security roles

App Admin

With this security role, you have administration access to every Box, Gadget, and Business Administration. As an App Admin, you will see all the created Boxes and access configuration areas. 

Jira admins are automatically granted the App admin security role, even though they aren't automatically listed in the App Administration > Security tab.

App Administrators don't necessarily need to be Jira Administrators. You can simply add a user as an "App Admin" if you want them to have full permissions in the App (access to all configurations and settings and ability to edit/create/delete Boxes and tasks).

Adding someone as an App admin doesn't mean they are listed as individual Boxes users, but they have full access. 

App user 

With this role, you can access the App and see the App's name on the header. Remember that this does not mean you have access to any Boxes.

For Example, Amiah has been added as an App user in the App's administration but hasn't been added to any existing Boxes. Even though she can access the App, when she goes to "Home," she will see the "There's nothing to display" message.

Leo is taking over the New Portfolio. He has been added to the Box as an admin but hasn't been added as a user in App Administration. When he logs in, he can't access the BigPicture.

Make sure to grant users access to Boxes, Gadgets, and the App itself.

Resource Admin

With this role, you can access all resource-related pages on the Administration page (and all available operations within these pages).

The Resource Admin role is effectively an extended App User role, which means that such a user:

  • Has basic access to the App (can access their user profile and see the App dropdown in the header)

  • can access Boxes based on dropdown Box security settings but does not receive access to all Boxes automatically like the App Admin

  • additionally, the user is allowed to administer resource-related global configuration (Administration > Resource manager page with all subpages, with no access to Box types and Security)

  • cannot access the App configuration unless the User is an Admin of the host platform simultaneously.