User access in YouTrack is defined on per-project basis by roles, assigned to a user. A role is set of permissions, which in their turn allow users to perform particular operations in YouTrack. Please note that permissions can only be granted via assigning roles, but not directly.
Generally, a user account gets roles inherited from user groups, to which this user belongs. In rare cases, when inherited roles are not sufficient, a role can be assigned individually to an account.
To configure user access, you need administrator permissions; the minimum set should include permissions to read user accounts, roles and groups, and to update user accounts. The low-level administrator permissions are not necessary. Please refer to YouTrack Permissions Reference for the list of currently available permissions.
We suggest that you configure user access in the following order: