Clone wiki

User Access Assessor for JIRA / Home

#holydevPluginLogo.png User Access Assessor for JIRA #

Apwide User Access Assessor add-on enables you to easily check which JIRA users need to keep an active account and which ones could live without it. It will help you a lot if you need to perform regular assessments of your JIRA accounts (ex : for compliance reasons).

We have created this plugin to help our customers to save time and money, we hope that it will also help you.

Give it a try !

#UserAssessmentIcon.png How does it work ?

###1. Launch a new assessment campaign The plugin will scan all active users in JIRA and add them in an assessment queue. ###2. User's self assessment Each user in the assessment queue and logged in JIRA will be asked to confirm if he still needs access to JIRA. ###3. Administrator's assessment At any time, the administrators can assess user accounts.

Note that the admin decision always overrides the user decision. ###4. Check the campaign status At any time, the administrator can check the status of the assessment campaign and extract the campaign data into an Excel report.

Note that this report is also available for closed campaign.

###5. Close campaign and apply decisions When all accounts are assessed, the administrator can close the assessment campaign. When a campaign is closed, the final assessment decision is applied to all assessed users in that way:

  1. All users who should not be able to access JIRA anymore will be set to inactive
  2. All administrators who should not be administrators anymore will be removed from administrators groups

###6. Download and store the assessment reports

When an assessment campaign is closed, it is a good practice to generate a copy of the csv report in a safe place for auditability reasons.

#UserAssessmentIcon.png User Manual

###1. Launch a new assessment campaign * Pre-requsite : you are a JIRA administrator * Log in administration/User Management menu * Open User Assessment/Current Campaign page * Click on button Create New Campaign (if no button appears, skip this test, it means that a campaign already exists). Choose a name and a description for the campaign you want to launch (ex : "my first user assessment campaign") * When a campaign is created, you can launch it. Launching a campaign means asking to all your active JIRA account to confirm that they are still using JIRA (= user self assessment). Launching will not fire any e-mail notification. it will just display a red banner in the issue page asking connected users to self assess their account (cf next step for more details). To launch the campaign, click on the button "Launch", the system will ask you to set a response deadline. Response deadline can be edited later on, as long as the campaign is not closed. This date is only informative.

N.B. It can be useful to inform all your users by e-mail explaining to them that they need to assess their account before a certain date. The plugin currently does not support automatic e-mail sending, but you can easily get address e-mails of all users involved in the assessment using the built-in Excel report (cf below for more details).

###2. User's self assessment Each connected user will see a red banner on the top of the issue page asking him to assess his account. When user click on "assess" a popup will appear and the user can select his decision :


After the user has taken his decision, the red banner disappears.

###3. Administrator's assessment * Go to Administration/User Management menu * Open User Assessment/Current Campaign page * Select the tab at the bottom of the page to view the users involved in the campaign * For each user, you can click on assess to open the admin assessment popup : * If you have a lot of user account to assess, you can enable the load next option at the bottom of the popup. It will allow us to directly assess the next user account in the list without closing the popup :

N.B. Assessment is a decision. No access right is changed after a user self assessment or admin assessment operation. Admin assessment overrides User assessment. For example, if a user wants to keep access to JIRA and the admin decides that he should not, the admin decision will be the applied one.

N.B. Administrator is forced to assess explicitly all accounts with admin privileges. For standard account, admin assessment is optional.


###4. Check the campaign status (Excel Report)

  • Go to Administration/User Management menu
  • Open User Assessment/Current Campaign page
  • Click on Export Data
  • An excel export should be automatically downloaded
  • You can access the Excel report and data of any closed campaign from the Administration/User Management/Past Campaigns menu


###5. Close campaign

Closure of a campaign will apply the assessment decision. Ex : if admin or user has decided not to keep his JIRA account active, the group "jira-users" will be removed from this user. This user will be then unable to log in JIRA and his license is available to be used by someone else.

To close a campaign :

  • Go to Administration/User Management menu
  • Open User Assessment/Current Campaign page
  • Click on Close
  • If there are still user accounts that are not assessed, the system will ask you to assess the remaining accounts BEFORE closing the campaign. You have quick access to all accounts to be assessed from the To Assess tab.
  • If all user accounts are assessed, decision will be applied to each user account and the campaign will be closed.
  • You can access the Excel report and data of any closed campaign from the Administration/User Management/Past Campaigns menu

#UserAssessmentIcon.png Quick References * installation procedure here * please, rate this plugin if you use it * open issues here * about