Creating project via API requires administator group but for UI it does not

I can create a project as a user without having the “administrator” group assigned to me, but if I try to create a project using the API (as the same user), the API gives this error:
“You must have global administrator rights in order to modify projects.”

There’s a previous discussion about this where the answer is that there’s an error in the documentation, but that doesn’t really address the issue.

I don’t think you do or should need the “administrator” privilege just to create a project (and you don’t need it when creating one manually). So it seems that there’s an inconsistency between the permissions you get via API versus as a web interface (cloud) user. And, if I am forced to give the API administrator level access just so it can create projects, this is less secure.

Any advise is appreciated on this. I would like to understand if there is essentially a bug in the way permissioning is working for the API (because it’s different than permission of a user through the web) or if I’m not understanding something myself.

Here’s the API call that I use:

curl -D- -u MYEMAIL:MYAPIKEY -X POST -H “Content-Type: application/json” URLHERE/rest/api/2/project --data ‘{“name”:“testproject8”, “key”:“TP8”, “projectTypeKey”: “business”, “leadAccountId”: “XXXXXXXX”}’

Hello @rgiulytestnoodleai,

I’ll divide your question into two different concerns when accessing Create project REST API:

  1. Via connect app
  2. Via CLI / Postman / basic auth

When accessing via a connect app, the documentation states that the scope needed is PROJECT_ADMIN only. However, there’s an existing issue regarding this wherein the workaround is to use ADMIN scope (please see ACJIRA-1522).

The 2nd scenario, via CLI just like what you tried, based on the docs you should have an Administer Jira global permission, hence, the error you are getting.

As for the first scenario, while ACJIRA-1522 is not yet fixed, I suggest that you raise another doc improvement request by hitting the Give docs feedback link on the upper-right hand side of the docs page so that the team will be aware of it.

Cheers,
Ian