Page Permissions

    Pages within a wiki are generally open to anyone who has access to the JIRA project.

    Sometimes however, you have a page with sensitive information you don't want all users to have access to. Things like shared credentials, admin specific notes, and so forth. In those cases, you can protect your pages via built-in page permissions.

    To change permissions of a page, visit the permissions screen either by clicking the lock icon from the "Pages" list or the permissions button from the page sidebar.

    page list with lock icon

    page sidebar with permissions button

    Pages can be marked as open to everyone within the project, private (only open to users in specific groups or roles), or open to the public.

    permissions screen top section

    Users with write access can perform any action against the page without restriction.

    Users with only read access can see the page content (attached files, past versions, page history, page activity stream), and can comment on a page, but cannot change the page content, or attach new files, or revert to a previous version of a page.

    Permissions for groups are based on a hierarchy, this means if you specify read-only access for the "users" group, any group above that will have full access. If you specify read-only access for the developers groups, then only the admin group would have write access.

    Permissions for roles apply only to users with a given role.


    There are 2 special cases to permissions.
    1) users in the JIRA Administrators group always have read/write access to a page
    2) the owner of a page always has read/write access to a page. This is to prevent accidentally locking out the owner.

    Public Pages

    Pages that are marked as open to the public receive a special url that allows users outside of JIRA (without a JIRA account!) to see the page content, comments, and have access to files linked to within the page content.

    Public pages show with minimum styling.


    If a page is marked as public, any logged in user within JIRA will have at least read access to the page. This includes users from groups and roles that do not have read access to the page.