Overview
Permissions in Jira integration+ are built into every user interaction with the platform. This guide details how permissions work and the options available to your team.
Jira Integration+ automatically respects user's Jira permissions.
Project access can be further limited via our settings.
We have account admin and channel admin user types.
On this page: |
---|
Connected User and Application Link
The main user is the user who initially connected your bot in Slack to your Jira instance. This user requires admin permissions in Jira to create a connection to the APIs.
The default permissions for all API calls we make to Jira are automatically limited to the access of this main user and further limited based on user authorization (see below).
Some of our customers create service accounts for these users.
User connections
The first time users interact with the app, they will automatically be required to connect their Slack account to their Jira account to establish connectivity and permissions in Jira.
Your password is never shared with our systems.
Every action you take in Slack (create, comment, etc.) will be attributed to your Jira account.
Your permissions are based on your Jira access.
You will be asked to connect your account when performing your first action in Slack. You can also manually trigger the connection by typing /jira-plus connect.
Click the Connect Now button in Slack.
Click Allow in Jira.
Click the button to go to the home screen in Slack.
How permissions are applied
Learn how permissions would apply to specific scenarios using the following use cases.
Case 1: User project access equals the main user
In this case, the main user has access to Project FIN (Finance) in Jira, and the connected user has access to FIN (Finance) in Jira.
Result: The connected user has access to FIN with the app.
Case 2: User project access less than the main user
In this case, the main user has access to Project FIN (Finance) in Jira, and the connected user cannot access FIN (Finance) in Jira.
Result: The connected user cannot access FIN with the app.
Case 3: User project access more than the main user
In this case, the main user cannot access Project FIN (Finance) in Jira, and the connected user can access FIN (Finance) in Jira.
Result: The connected user cannot access FIN with the app.
Why? The main user is the primary connection to Jira, and the app's permissions are inherited from the main user as a starting point. Every other user's access is a subset of the main user's access.
Case 4: User can view but not update issues in Project
In this case, the connected user has VIEW access to Project FIN (Finance) in Jira but does not have UPDATE access.
Result: Connected users can view FIN issues but cannot update issues in FIN.
Why? Users can never perform actions in the app that are not allowed in the Jira settings.
Overriding permissions with settings
If you don't want to manage access in Jira you can also restrict or allow access to specific projects in the app settings. This feature is available in your account (assuming you have administration permission).
Login to your account.
Go to Settings under Jira Integration+.
Scroll to the Blocked Projects section.
Choose your blocking action.
Allowed - only projects you select will be allowed.
Denied - projects you select will be denied.
Click the Save button to save changes.
Changing the Main User
Changing your main account will reset your connections to Jira.
Switching the main user can cause disruptions for your team if you already use our production platform. The disruption is based on the authorizations in Jira for your API connection and how OAuth connects and authorizes with the APIs. If you are making this change it might be a good time to move to a service account.
The main impact for users will be requests to re-authorize their accounts.
Log in to Jira using the account you would like to use as your main user.
Scroll down to the Integration+ Status section.
Find the Main authorized user section.
Click the change link.
Click the Allow button in Jira.