Permission Auditor for Jira
Public documentation for Marketplace review and customer onboarding.

Read-only Jira governance

Permission Auditor for Jira

Permission Auditor for Jira is a read-only Jira Cloud app for admins, security teams, and compliance owners who need to answer a simple question with evidence: who has access to what, and why?

The app scans your Jira permission model, resolves effective access across schemes, roles, groups, and global permissions, and presents the results in one place. It also tracks changes between scans, flags risky access patterns, and exports CSV or PDF evidence for reviews and audits.

Last updated: 2026-03-14Built for Jira Cloud admins, security teams, and compliance ownersExports CSV and PDF audit evidence

What The App Does

Permission Auditor for Jira helps you:

  1. 01

    review effective permissions across Jira Cloud projects from one dashboard

  2. 02

    explain why access exists with grant-chain detail

  3. 03

    detect broad, risky, or unusual access patterns

  4. 04

    track permission drift between scans

  5. 05

    export audit-ready CSV and PDF reports

The app is read-only. It does not change your Jira permissions or project configuration.

Get Running Quickly

Everything an admin needs before the first meaningful permission snapshot.

Before you start

Before using the app, make sure:

  • you are using Jira Cloud
  • you have Jira admin access to the site where the app is installed
  • the app has been installed from Atlassian Marketplace
  • you have an active Atlassian Marketplace license for the app

Scan duration depends on the size and complexity of your Jira site. Larger sites may take several minutes to complete a full scan.

Install and open

After installation, open the app from Jira admin:

  1. Go to Jira Settings.
  2. Open Apps.
  3. Open Permission Auditor to review permission results.
  4. Open Permission Auditor Settings to manage scan policy and related settings.

If your Marketplace license is inactive, the app shows a license-required state until the subscription is active.

Run your first scan

On first use, the dashboard shows a welcome state until the app has completed a scan.

  1. Open Permission Auditor.
  2. Click Scan Now, or wait for the scheduled scan to run.
  3. Leave the page open to watch progress, or return later when the scan is complete.

The first scan builds the initial permission snapshot used by the dashboard, change tracking, anomaly review, and exports.

Understand The Results

The app is built to show not just access, but also the reason behind that access.

Permissions Dashboard

The main dashboard shows effective access across your Jira projects. Use the filters and search controls to narrow the result set and inspect the users, groups, roles, projects, and permissions involved.

Grant-Chain Detail

Permission detail explains why access exists. A typical grant chain may include the permission scheme, the project role or group that received the grant, and the user or group membership that made the permission effective.

Changes And Drift

After the first completed baseline scan, later scans can show what changed between snapshots. This helps you review added access, removed access, scheme changes, and other permission drift over time.

Anomalies

The app highlights suspicious or high-risk patterns such as unusually broad access, anonymous exposure, or admin-heavy project access that may deserve review.

Operational Detail

Exports, admin controls, and recurring-review workflows are part of the core experience.

Exports And Reports

Permission Auditor for Jira supports:

  • CSV exports for spreadsheet-based review and evidence collection
  • PDF exports for formatted audit and compliance reporting

Exports are generated from the app's current permission snapshot and are intended to support recurring access reviews, audit preparation, and internal investigation.

Settings And Administration

The Permission Auditor Settings page lets Jira admins manage operational settings such as:

  • scan timing and scan behavior
  • anomaly policy and thresholds
  • report branding inputs
  • history and related operational controls

Settings are intended for Jira admins. Other users should not rely on access to the app pages.

Privacy, Security, And Support

Permission Auditor for Jira runs on Atlassian Forge and uses Atlassian-managed hosting and authentication boundaries. The app is read-only and does not intentionally send customer data to external third-party processors.

  • Privacy policy

    Public customer-facing privacy policy for Marketplace review and ongoing operations.

    Privacy policy

  • End user terms

    Public customer-facing end user terms for Marketplace review and ongoing operations.

    End user terms

  • Support

    Public customer-facing support for Marketplace review and ongoing operations.

    Support

  • Security disclosure

    Public customer-facing security disclosure for Marketplace review and ongoing operations.

    Security disclosure

Support and security contact: workaroundapps1@gmail.com

FAQ

Straight answers for admins evaluating installation, licensing, and ongoing use.

Does the app change Jira permissions?

No. Permission Auditor for Jira is read-only. It scans and reports on Jira permission data but does not modify permissions.

Who can use the app?

The app is intended for Jira admins, compliance owners, and security teams working with Jira Cloud access reviews.

Why do I not see data yet?

If no scan has completed yet, run your first scan from the dashboard or wait for the scheduled scan. If the app shows a license-required message, confirm that your Atlassian Marketplace subscription is active.

Can I use the app for recurring reviews?

Yes. The app is designed for repeated scan-and-review workflows, including change tracking and export-based audit evidence.

Will the interface stay exactly the same?

Not necessarily. The product evolves over time, so exact layouts, labels, and screenshots may change between versions. This page is intended to describe the product workflow at a high level.