Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Revoke Service Management access from Trusted users

We recently started our free trial for Service Management and we're likely to keep it as it is a great product.

The issue is that all of my Jira trusted users got access to Service Management by default, and I can't revoke that product's access unless I revert their user type to "basic", which I don't want because many of these need some specific Trusted tooling. Where I'd require ~15 agents total, I'm getting 25 additional ones by default, which is almost triplicating my cost.

Is there a way to remove these default users from Service Management?  


Actually, @patricio , my approach would be to remove about 20 of those trusted users. As the system gets larger and more complex, you will find it spiraling out of control with that many admin level humans.

Speaking from experience here. I WAS in that boat where it was ordered to have that many but I finally kicked them all out. If I am responsible for an environment, I can't guarantee anything with that many admins. 

Thanks, I think this is definitely something I'll have to clean-up, and figure out essential permissions.

@patricio - Please go ahead and manage the users' access to Service Management from the Product access page.

Product Access Page:<<site-id>>/apps

The short path would be, click on the gear icon (right-hand upper corner) of your Atlassian instance --> User Management --> Product Access.


and then look for groups assigned to Jira Service Management; limit the number of users assigned to the group.



Like # people like this

This did it. Thanks!

Like Darshan Mandhane likes this

Did that reduce the count on your subscription?

I have the same problem. I have two groups assigned to Jira Service Management. There are three separate user accounts in those, yet despite this it's showing my subscription count as four users because I have a separate trusted user who isn't and shouldn't be allocated to the product.

Like patricio likes this

@Tim Pokorny - You should check both assigned user groups and assigned admin groups at the product access page.

@Darshan Mandhane I have done this. The user is not in any user group or administrative group that has any permissions relating to JSM. 

I suspect the user has no access to the app, BUT, they are consuming a license. I can't see how anyone can have gotten this working. Perhaps it is because I am on the Cloud site?

The user is listed as having app access on their account profile, but the slider to turn this off is disabled. It will not enable unless I drop them back to a Basic User. However, this particular user is a member of our support staff responsible for provisioning and decomissioning accounts. They require the ability to add/remove accounts and access, but not the ability to access all the products themselves. 

I've had two emails from Atlassian Support now, both providing generic information of absolutely no use. From the controls I am looking at, I can't see how it is possible to have a Trusted User not consume a license to a product, regardless of whether they have access.

@Tim Pokorny 

Every Trusted User has been granted access to ALL of the software on the Cloud-based system/instance. So Trusted users are by default added to the Service Desk license Count and there is NO WAY to remove them unless you make them basic users. I know that's very poor logic.

I would suggest you should make use of the basic user type and grant the administrative permissions through exclusive groups instead.

@Darshan Mandhane You are indeed right by the looks of it. I think based on advice from support I can drop the user back from Trusted to Basic (which then allows me to remove the app directly from the user), and then I can put them in the site-admins group which should give them access to create/remove user accounts, which is the primary reason they were a Trusted User prior. Fingers crossed! Thank-you for the advice.

Like Darshan Mandhane likes this

Following up here with what looks to be the result.

The short answer is that every trusted user will automatically consume a license of every product that you have. If you have support staff who just manage accounts but don't use the products, it does not matter, you have to give them a license to the product and pay for that, even though it will never be used. 

Like Darshan Mandhane likes this


Log in or Sign up to comment

Atlassian Community Events