Command security

Command security controls the actions users in security groups can access. A user can only perform actions for commands enabled in the group they are in.

Note: Security groups also have field security to limit the information users can view and change in items and workflow events. See Field security.

When configuring security groups, only enable commands for actions users need to perform based on their roles and responsibilities. This reduces the potential for users to accidentally modify data or settings they should not have access to. For example, you can enable the Add Issues, Edit Issues, and View Issues commands to let users work with issues. You can also disable the Delete Issues, Edit Closed Issues, and Edit Locked Issues commands to prevent users from changing issues in specific workflow states or removing issues from the project.

Keep the following in mind when configuring command security.

See Security Commands for the available security commands and actions they provide access to.

Tip: As you work with security groups, you can use security group comparison reports to review permissions set for groups and compare settings between them. See Creating security group comparison reports.