Orgs Groups APIs
Returns a page of groups in an organization that match the supplied parameters.
string
Requiredstring
Requiredstring
integer
array<string>
array<string>
array<string>
array<string>
array<string>
string
object
array<object>
Returned if the request is successful.
1
2
3
4
curl --request GET \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
{
"data": [
{
"id": "12345678-1234-1234-1234-123456789012",
"name": "jira-administrators",
"description": "This group provides admin access to Jira.",
"directoryId": "12345678-1234-1234-1234-123456789012",
"managementAccess": {
"deletable": true,
"modifiable": true,
"readable": true
},
"externalSynced": true,
"managedBy": "external",
"counts": {
"users": 10,
"resources": 109
},
"links": {
"self": "ECg53CukK1twBo0LK1u9nw"
}
}
],
"links": {
"self": "ObSbZxpM1f1fzia2_GnuJw",
"prev": "LIZFEbzCT2pCCkQhPIUgIQ",
"next": "kloHX1ZQVasDAkx_P48NYQ"
}
}Create a group in a directory to manage app access and permissions for multiple users together.
string
Requiredstring
Requiredstring
Requiredstring
Success
1
2
3
4
5
6
7
8
curl --request POST \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups' \
--header 'Authorization: Bearer <access_token>' \
--header 'Content-Type: application/json' \
--data '{
"name": "<string>",
"description": "<string>"
}'Returns a page of role assignments for a group that match the supplied parameters.
string
Requiredstring
Requiredstring
Requiredstring
integer
array<string>
array<string>
array<string>
array<string>
Returned if the request is successful.
1
2
3
4
curl --request GET \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups/{groupId}/role-assignments' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
"data": [
{
"resourceId": "ari:cloud:jira-core::site/1",
"resourceOwner": "jira-core",
"defaultRole": "atlassian/org-admin",
"roles": [
"atlassian/org-admin",
"atlassian/site-admin",
"atlassian/user-access-admin"
]
}
],
"links": {
"self": "ObSbZxpM1f1fzia2_GnuJw",
"prev": "LIZFEbzCT2pCCkQhPIUgIQ",
"next": "kloHX1ZQVasDAkx_P48NYQ"
}
}Assign a role to a group to assign all members the same role.
string
Requiredstring
Requiredstring
Requiredstring
Requiredstring
RequiredSuccess
1
2
3
4
5
6
7
8
curl --request POST \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups/{groupId}/role-assignments/assign' \
--header 'Authorization: Bearer <access_token>' \
--header 'Content-Type: application/json' \
--data '{
"resourceId": "<string>",
"roleId": "<string>"
}'Revoke a role from a group to remove access to an app from all members. A member can still access the app if they’re in another group that grants access to the same app.
string
Requiredstring
Requiredstring
Requiredstring
Requiredstring
RequiredSuccess
1
2
3
4
5
6
7
8
curl --request POST \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups/{groupId}/role-assignments/revoke'' \
--header 'Authorization: Bearer <access_token>' \
--header 'Content-Type: application/json' \
--data '{
"resourceId": "<string>",
"roleId": "<string>"
}'Add a user to a group. This gives the user the same app access and permissions as the group. The user must be in the same directory as the group.
You can’t add a user to a group synced from an identity provider. Manage this group in your identity provider instead.
You can’t add a user to a group if you’ve exceeded your user limit for an app that the group grants access to. Increase your user limit or suspend another user from the app first.
string
Requiredstring
Requiredstring
Requiredstring
RequiredSuccess
1
2
3
4
5
6
7
curl --request POST \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups/{groupId}/memberships' \
--header 'Authorization: Bearer <access_token>' \
--header 'Content-Type: application/json' \
--data '{
"accountId": "<string>"
}'Remove a user from a group. This removes any app access and permissions granted by this group, but the user may still be in other groups that grant the same app access and permissions.
string
Requiredstring
Requiredstring
Requiredstring
RequiredSuccess
1
2
3
curl --request DELETE \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups/{groupId}/memberships/{accountId}"' \
--header 'Authorization: Bearer <access_token>'Returns the details of a group.
string
Requiredstring
Requiredstring
RequiredReturned if the request is successful.
1
2
3
4
curl --request GET \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups/{groupId}' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
{
"data": {
"id": "12345678-1234-1234-1234-123456789012",
"name": "jira-administrators",
"description": "This group provides admin access to Jira.",
"directoryId": "12345678-1234-1234-1234-123456789012",
"managementAccess": {
"deletable": true,
"modifiable": true,
"readable": true
},
"externalSynced": true,
"managedBy": "external",
"counts": {
"users": 10,
"resources": 109
},
"links": {
"self": "ECg53CukK1twBo0LK1u9nw"
}
}
}Delete a group from a directory if you don’t need this group anymore. This removes any app access and permissions granted by this group from all members. A member can still access an app if they’re in another group that grants access to the same app.
string
Requiredstring
Requiredstring
RequiredSuccess
1
2
3
curl --request DELETE \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups/{groupId}' \
--header 'Authorization: Bearer <access_token>'Returns the count of groups in an organization that match the supplied parameters.
string
Requiredstring
Requiredarray<string>
array<string>
array<string>
array<string>
array<string>
string
array<string>
Returned if the request is successful.
1
2
3
4
curl --request GET \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups/count' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
{
"count": 49
}Returns group stats for the organization.
string
Requiredstring
RequiredReturned if the request is successful.
1
2
3
4
curl --request GET \
--url 'https://api.atlassian.com/admin/v2/orgs/{orgId}/directories/{directoryId}/groups/stats' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
{
"types": [
{
"type": "TEAM",
"count": 3
},
{
"type": "GROUP",
"count": 7
},
{
"type": "USERBASE_GROUP",
"count": 10
}
],
"totals": {
"all": 10,
"synced": 4,
"managed": 6
}
}This API is deprecated and will no longer work after June 30, 2026. Use the Get groups in an organization endpoint instead.
The API is available for customers using the new user management experience only. How the new user management experience works
Returns a list of groups within an organization, offering search functionality through multiple parameters for more precise results.
string
Requiredarray<string>
GroupNames
string
integer
array<string>
Organization found. Response contains group search results
1
2
3
4
5
6
7
8
curl --request POST \
--url 'https://api.atlassian.com/admin/v1/orgs/{orgId}/groups/search' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"limit": 20
}'1
2
3
4
5
6
7
8
9
10
11
12
13
{
"data": [
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "example",
"description": "example description"
}
],
"links": {
"next": "MDNlZWRmNzMtMWYwMi00NGM5LWI4NjgtZGQ1NTIwMjIwYjhj",
"self": "MDI0MzkwOGEtMmYyOC00NzgzLWI5YTktMDUwZTExNzJjZDU4"
}
}This API is deprecated and will no longer work after June 30, 2026. Use the new Create group endpoint instead.
The API is available for customers using the new user management experience only. Learn more about the new user management experience.
This API will:
The creation of new groups using existing group names is not permitted.
Learn the fastest way to call the API with a detailed tutorial.
string
Requiredstring
Requiredstring
Request to create group was successfully accepted and will be eventually created in the organization directory.
1
2
3
4
5
6
7
8
9
curl --request POST \
--url 'https://api.atlassian.com/admin/v1/orgs/{orgId}/directory/groups' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"name": "<string>",
"description": "<string>"
}'1
2
3
4
{
"message": "Group test-group was created",
"groupId": "f29c72a8-7681-4ed0-8a2c-83372bf67437"
}This API is deprecated and will no longer work after June 30, 2026. Use the new Delete group endpoint instead.
The API is available for customers using the new user management experience only. Learn more about the new user management experience.
This API will:
This API will not:
site-admin group and therefore revoke org-admin role from a user.Learn the fastest way to call the API with a detailed tutorial.
string
Requiredstring
Requiredboolean
Group was successfully deleted from organization's directory.
1
2
3
4
curl --request DELETE \
--url 'https://api.atlassian.com/admin/v1/orgs/{orgId}/directory/groups/{groupId}' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
{
"message": "Group 0980d761-fce5-4ea1-83e4-9cc8f5db92ae was removed"
}This API is deprecated and will no longer work after June 30, 2026. Use the Grant access to group endpoint instead.
The API is available for customers using the new user management experience only.
Assign roles that grant product access to groups. Please note that this operation adheres to eventual consistency, and it might take up to 30 seconds for changes to take effect.
string
Requiredstring
Requiredarray<RoleAssociation>
RequiredRoles were successfully added to the group
1
2
3
4
5
6
7
8
9
10
11
12
13
curl --request POST \
--url 'https://api.atlassian.com/admin/v1/orgs/{orgId}/directory/groups/{groupId}/roles/assign' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"roleAssociations": [
{
"resource": "ari:cloud:jira::site/70ef3a32-d0da-4e09-b35e-0109f91969c3",
"role": "atlassian/user"
}
]
}'1
2
3
{
"message": "Group 12345 added Roles. ROLE `user` for RESOURCE `ari:cloud:identity::group/test-group-uuid1` and ROLE `user-access-admin` for RESOURCE `ari:cloud:identity::group/test-group-uuid2` is in progress. Changes may take up to 30 seconds to reflect."
}This API is deprecated and will no longer work after June 30, 2026. Use the Remove access from group endpoint instead.
The API is available for customers using the new user management experience only.
Revoke roles that provide product access to groups. It's important to note that this operation follows eventual consistency principles and may require up to 30 seconds to take effect.
string
Requiredstring
Requiredarray<RoleAssociation>
RequiredRoles were successfully removed from the group
1
2
3
4
5
6
7
8
9
10
11
12
13
curl --request POST \
--url 'https://api.atlassian.com/admin/v1/orgs/{orgId}/directory/groups/{groupId}/roles/revoke' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"roleAssociations": [
{
"resource": "ari:cloud:jira::site/70ef3a32-d0da-4e09-b35e-0109f91969c3",
"role": "atlassian/user"
}
]
}'1
2
3
{
"message": "Group 12345 revoked Roles. ROLE1 for RESOURCE1 and ROLE2 for RESOURCE2 is in progress. Changes may take up to 30 seconds to reflect."
}This API is deprecated and will no longer work after June 30, 2026. Use the new Add user to group endpoint instead.
The API is available for customers using the new user management experience only. Learn more about the new user management experience.
This API will:
This API will not:
Learn the fastest way to call the API with a detailed tutorial.
string
Requiredstring
Requiredstring
RequiredUser was successfully added to the group in the organization directory.
1
2
3
4
5
6
7
8
curl --request POST \
--url 'https://api.atlassian.com/admin/v1/orgs/{orgId}/directory/groups/{groupId}/memberships' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"account_id": "<string>"
}'1
2
3
{
"message": "User 637194fa77acd224b33bfae3 was added to group 9233fb03-53cc-4463-9698-047aedbffb5c"
}This API is deprecated and will no longer work after June 30, 2026. Use the new Remove user from group endpoint instead.
The API is available for customers using the new user management experience only. Learn more about the new user management experience.
This API will:
This API will not:
site-admin group and therefore revoke org-admin role from a user.Learn the fastest way to call the API with a detailed tutorial.
string
Requiredstring
Requiredstring
RequiredUser was successfully removed from the group in the organization directory.
1
2
3
4
curl --request DELETE \
--url 'https://api.atlassian.com/admin/v1/orgs/{orgId}/directory/groups/{groupId}/memberships/{accountId}' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
{
"message": "User 63ec0aa0c5061c632c0cddde was removed from group fca77b90-a2a9-4385-961b-1377b3dbeb0b"
}Rate this page: