Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do people implement the JSM knowledge base widget on a site and maintain ISO27001 and SOC2

Adam
Adam
January 11, 2026

Wanting to implement the JSM widget on our site so clients can access the KB directly, but this causes a security alarm as the iframe.js script is being parsed/inserted via the `document.write` call. This ideally should be using something like `appendChild` to do this safely. With the current configuration, the widget does not meet ISO27001 and SOC2 compliance.

Has any other company successfully implemented the JSM widget and maintained ISO27001 and SOC2 compliance?

Answer
Watch
Like marc -Collabello--Phase Locked- likes this
91 views

1 answer

0 votes
marc -Collabello--Phase Locked-
marc -Collabello--Phase Locked-
Community Champion
January 12, 2026

Most likely other companies using the widget just declare it out of scope for SOC2 or ISO.  By this they take a shortcut instead of addressing the real problem.

Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Management
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security