Granting Permissions to Admins and Users

Dear Atlassian Developer Community,

I hope this message finds you well. I am currently building a Jira app using Forge and I am in need of your guidance regarding granting permissions to administrators and users within the Atlassian environment. Your expertise and insights would be greatly appreciated in helping me implement this functionality effectively.

Specifically, I would like to achieve the following objectives:

  1. Grant full administrative access to designated administrators.
  2. Limit access for regular users to certain features or sections within the application.

In addition, I have a question regarding the ideal environment for testing and validating user access. Currently, I have been working in the development environment, but I am uncertain whether transitioning to the production environment would provide more accurate assessments of user access and permissions.

I kindly request your advice on the following matters:

  1. What is the recommended method or best practice for granting permissions to administrators and users ?
  2. How can I differentiate between administrators and regular users and enforce limited access for the latter?
  3. Should I transition my development environment to the production environment in order to properly assess whether a user can access the admin page or not?

Your invaluable insights and recommendations will greatly assist me in successfully implementing the necessary functionality. I truly value your expertise and experience within the Atlassian community, and I eagerly look forward to your guidance.

Thank you sincerely for your time and assistance. Your support is greatly appreciated.

Best regards,

1 Like

Hi @FarahHelali ,

If you want to determine whether a user is a Jira Administrator, you can do so with the My Permissions API: and see if the ADMINISTER or SYSTEM_ADMIN permission is among what the user has. /rest/api/3/mypermissions?permissions=ADMINISTER,SYSTEM_ADMIN

For testing, you should add extra users to your development environment and give them various permissions, logging in and out between them to test your app behaves as expected.

1 Like

Hey, thank you for your reply.
Actually, We have implemented the process of retrieving permissions and checking if a user has administrative access using the My Permissions API. However, during testing, we encountered an issue where assigning a user as a Jira Administrator did not grant them access to the admin page.

In our testing, we followed the suggested approach of adding extra users to our development environment and assigning them various permissions. When we assigned a user as a Jira Administrator, the user was able to access the admin page. However, upon clicking the “Allow Access” button on that page, they were redirected to a different page which stated that they didn’t have the necessary permissions to access it.

We are currently investigating this issue to understand why the assigned permissions are not providing the expected access to the admin page.