We have learned that if we do not specify a project group or a project for a user they are given access to ALL projects. This creates issues for us occasionally since some of our teams have to provide audit lists to our vendors showing Who has deploy access. Is there a way we can by default set all users to NO permission unless expressly granted??
Thanks for getting in touch. That’s right, the way the permissions work is they further restrict access. What’s not clear from your question is why is it not going as expected. Have you modified the
everyone team? By default new users join this team, but that team doesn’t grant any permissions. Then users can be added to teams defining permissions as you like.
This is the safest way to add users to a team that grants them no permissions, and then move them into teams where permissions are explicitly defined for what they need access for.
If we’re not understanding your question please let us know, by sending some screen shots of examples of the teams you have set up and or permissions you see that are not as you expect.