Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,458,249
Community Members
 
Community Events
176
Community Groups

Can I enable automatic approval of new users, but only give them site only access?

I am looking for a way to get internal customers onboarded into our service desk while accessing it via Okta. I've got the Okta piece in place and functioning and Site Access settings I have it set to approve our email domain. On the product access side, I have all Atlassian products turned off for new users in the hopes that a new user onboarding themselves can just be added with site access so that they can immediately access the service desk portal.

I did find that if I give access to a single product inside of product settings for new users then an approval request is not required. My issue with this is that internal customers are not going to land on the service desk portal page, but the page for the product they've been licensed for and I still have to come back around and clean up the license.

Is there a way around this limitation? It would be extremely helpful in getting internal customers into the portal vs just sending requests to the service desk via email. If there's another way I should be loading customers into the service desk portal please let me know.

 

Thanks in advance.

1 answer

Hello, Chris.

By default with Jira Service Desk in Cloud the opposite is the norm - customers in Service Desk are authenticated completely separately from Atlassian ID/Atlassian Access/SAML (your connection OKTA) with password-based credentials and if your customer happens to have an Atlassian ID (e.g. in your organisation) you need to explicitly (and manually!) migrate their JSD record to an Atlassian account in https://admin.atlassian.com/s/<your org id>/jira-service-desk/portal-only-customers

As such, I believe what you are after is not currently possible without some programmatic way via JSD API (https://developer.atlassian.com/cloud/jira/service-desk/rest/api-group-customer/#api-rest-servicedeskapi-customer-post).

Some customers have configured a public Service Desk project, available anonymously for the sole purpose of raising a request (thus creating a customer record) to trigger some further automation.

There is a user created webhook in Jira, and based on relatively recent comment in https://jira.atlassian.com/browse/JRACLOUD-74959 it should fire, though it's not clear to me if the user must be given access to Jira product in this case.

Since you mention OKTA, you must be using Access, so theoretically you can poll your organisation's users regularly too via Access API (https://developer.atlassian.com/cloud/admin/organization/rest/api-group-orgs/#api-orgs-orgid-users-get) but that needs Access token that expires every 7 days, which hardly makes it automatic.

Consider all of the above as "thoughts out loud", some originally in the context of Cloud roadmap for our UserManagement product (currently available only on Server and DC). I am happy to be proven wrong and would welcome anyone to point a better way?

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS

Atlassian Community Events