Currently, access control for artifacts (such as bugs, tasks, or user stories) is managed exclusively through user groups. To restrict an artifact's visibility to a specific set of people, they must all be members of a group, and that group is then granted access. There is no mechanism to grant view or edit permissions for a specific artifact to a single, individual user directly.

The group-based permission model is effective for managing team-level access, but it lacks the granularity required for many common scenarios. The workaround of creating a dedicated group for every unique, ad-hoc sharing requirement is not a viable solution : creating and managing a multitude of single-person or temporary groups is cumbersome and inefficient for administrators. It adds unnecessary steps to what should be a simple action. This practice leads to a proliferation of single-use groups, which clutters the user group management system and makes it difficult to maintain over time.

An administrator should be able to grant access permissions or a specific artifact directly to one or more individual users, without the prerequisite of creating and managing a user group.