Are you in the loop? Keep up with the latest by making sure you're subscribed to Community Announcements. Just click Watch and select Articles.

Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Can I enable automatic approval of new users, but only give them site only access?

I am looking for a way to get internal customers onboarded into our service desk while accessing it via Okta. I've got the Okta piece in place and functioning and Site Access settings I have it set to approve our email domain. On the product access side, I have all Atlassian products turned off for new users in the hopes that a new user onboarding themselves can just be added with site access so that they can immediately access the service desk portal.

I did find that if I give access to a single product inside of product settings for new users then an approval request is not required. My issue with this is that internal customers are not going to land on the service desk portal page, but the page for the product they've been licensed for and I still have to come back around and clean up the license.

Is there a way around this limitation? It would be extremely helpful in getting internal customers into the portal vs just sending requests to the service desk via email. If there's another way I should be loading customers into the service desk portal please let me know.


Thanks in advance.

1 answer

0 votes
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Jan 29, 2021

Hello, Chris.

By default with Jira Service Desk in Cloud the opposite is the norm - customers in Service Desk are authenticated completely separately from Atlassian ID/Atlassian Access/SAML (your connection OKTA) with password-based credentials and if your customer happens to have an Atlassian ID (e.g. in your organisation) you need to explicitly (and manually!) migrate their JSD record to an Atlassian account in<your org id>/jira-service-desk/portal-only-customers

As such, I believe what you are after is not currently possible without some programmatic way via JSD API (

Some customers have configured a public Service Desk project, available anonymously for the sole purpose of raising a request (thus creating a customer record) to trigger some further automation.

There is a user created webhook in Jira, and based on relatively recent comment in it should fire, though it's not clear to me if the user must be given access to Jira product in this case.

Since you mention OKTA, you must be using Access, so theoretically you can poll your organisation's users regularly too via Access API ( but that needs Access token that expires every 7 days, which hardly makes it automatic.

Consider all of the above as "thoughts out loud", some originally in the context of Cloud roadmap for our UserManagement product (currently available only on Server and DC). I am happy to be proven wrong and would welcome anyone to point a better way?

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events