Can I restrict an unlicensed service desk user to their linked space(s)?

ryanjaeb August 30, 2017

I'm using trials of self hosted JIRA Service Desk and Confluence.  I installed them and linked them.  After that I did the following:

  • Add UserA and UserB to the service desk.  Remove them from all groups so they're not using any applications.  They don't add to my agent count.
  • Add project ProjectA (call the portal PortalA).
    • Add organization OrganizationA as a customer for the project.
    • Add UserA to OrganizationA.
    • Limit requests to customers that are added to the project.
    • Enable unlicensed knowledge base access for project.
    • Space ProjectA is created in Confluence for me automatically.
  • Repeat the previous step for ProjectB, OrganizationB, etc..

This works almost like I'd expect.  I can log in as UserA and access PortalA.  If I try to access PortalB access is denied.  However...

My projects have the keys CUSA and CUSB.  Space ProjectA has the URL localhost:8090/display/CUSA.  I can visit that URL, authenticate as UserA, and access Space ProjectA.

The problem I have is that while I'm logged in as UserA I can change the URL to localhost:8090/display/CUSB and I get access to Space ProjectB.  Is there a way I can restrict an unlicensed service desk user to their linked space(s)?

1 answer

1 accepted

1 vote
Answer accepted
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 8, 2017

The behavior you report is expected per our docs, but it is not ideal.

The documentation says:

Customers can view knowledge articles in the global help center, and in Confluence if they're provided with a direct link. 

That means if they change the link with another space as in your example, they can access any space with unlicensed access enabled.

We have a suggestion open to add permissions for unlicensed users:

Add ability to configure permissions for unlicensed users

It sounds like that is what we need to limit your users to the kb spaces that correspond with what you have linked in Service Desk.

The suggestion is public-facing so you may vote and comment on it if you want to emphasize your use case. If you vote or comment you will be notified of any progress on the suggestion.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events