I'm using trials of self hosted JIRA Service Desk and Confluence. I installed them and linked them. After that I did the following:
This works almost like I'd expect. I can log in as UserA and access PortalA. If I try to access PortalB access is denied. However...
My projects have the keys CUSA and CUSB. Space ProjectA has the URL localhost:8090/display/CUSA. I can visit that URL, authenticate as UserA, and access Space ProjectA.
The problem I have is that while I'm logged in as UserA I can change the URL to localhost:8090/display/CUSB and I get access to Space ProjectB. Is there a way I can restrict an unlicensed service desk user to their linked space(s)?
The behavior you report is expected per our docs, but it is not ideal.
The documentation says:
Customers can view knowledge articles in the global help center, and in Confluence if they're provided with a direct link.
That means if they change the link with another space as in your example, they can access any space with unlicensed access enabled.
We have a suggestion open to add permissions for unlicensed users:
Add ability to configure permissions for unlicensed users
It sounds like that is what we need to limit your users to the kb spaces that correspond with what you have linked in Service Desk.
The suggestion is public-facing so you may vote and comment on it if you want to emphasize your use case. If you vote or comment you will be notified of any progress on the suggestion.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.