Manage User Access
The Roles tab lets you view and manage the permissions that are available to a single user account. Users are granted permissions based on the roles that they are assigned in one or more projects.
You can also grant users access in a project by adding them directly to the project team. For more information, see Manage the Project Team.
note
Working with an External Hub ServiceIn YouTrack installations that are connected to an external Hub service, personal information and access rights for YouTrack user accounts are managed directly in Hub. The YouTrack profile contains a link to the Hub account which you can use to update personal information and manage logins for the YouTrack user account.
To learn how to manage access rights for a user account in Hub, please refer to the Hub documentation.
The access permissions for a user account are displayed on the Roles tab of the account profile. Here, you can view which roles and permissions are assigned to the account.
The list displays each role assigned to the user and the number of projects or organizations in which the user is granted this level of access.
Nested under each role is the reason for the assignment. Here you see whether the user is granted a role in a project or an organization as a member of a group, a member of the project team, or with a direct assignment.
The sidebar displays the set of permissions that are assigned to the selected role.
![Roles tab user Roles tab user](https://resources.jetbrains.com/help/img/youtrack/2024.3/roles-tab-user.png)
tip
Requires permissions: Read User Full, Read Role, Read Project Full, Read Group
If you do not want to assign a role to all members of a group, you can assign the role to a user account directly.
tip
Requires permissions: Read Role, Read User Full, Update Project
In the Access Management section of the
Administration menu, select Users.
Use the search box to find the desired user account.
Select a user from the list.
Select the Roles tab.
Click the Grant role button.
In the Grant Role dialog, choose a role to assign to the user.
Select one or more organizations, projects or groups where you want to apply the role.
Click the Grant role button.
If a user no longer requires access granted by a role, you can revoke the role assignment. This procedure only applies to roles that are assigned directly to a user.
If a role is granted to a user as a member of a group, you can revoke the role assignment by removing the user from the group. For more information, see Remove a User from a Group.
If a role is granted to a user as a member of a project team, you can revoke the role assignment by removing the user from the project team. For more information, see Remove Users from the Project Team.
tip
Requires permissions: Read Role, Read User Full, Update Project
From the
Administration menu, select Access Management > Users.
Use the search box to find the desired user account.
Select a user from the list.
Select the Roles tab.
Locate the role assignment that you want to remove from the selected user account. Use the search box to locate a role by name, organization, project, or permission.
Under the role assignment, select the scope (project or organization) in which the role is granted.
Click the Revoke role button.
Confirm the action in the confirmation dialog.
The role is revoked from the user in the selected organization or project.
The user loses the permissions that are assigned to the role in the organization or project.
Thanks for your feedback!