Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Customers unable to view KB articles in portal, but able to view confluence through anonymous access

Kyle Gagnon
Kyle Gagnon December 8, 2020

Hi, I'm new to Jira, and I'm trying to set up a service desk and a self-searchable knowledge base. I am using both service management and confluence on cloud (currently using Confluence on trial as we determine if it will work for us)

I have the service desk set up, and I already have some customers using it to enter tickets, that's all working well and good. I have a test customer that I use to verify functions myself from an out-of-organization point of view.

I have the confluence space that I created linked as a public knowledge base in Service Management. Everything shows up nicely and is searchable on the help desk portal while I am logged in to my administrator account. As soon as I log in to my test account, the knowledge base is THERE, and the customer can see the "category" I created, as "Learn More About:" and then it gives a category. 
When logged in as admin, clicking that link brings up a list of articles.
When logged in as a customer, it states the category is empty.

I have all kinds of anonymous/unlicensed use turned on trying to get this to work.
I can take the direct link to the confluence space (in confluence), and open it in an incognito tab, and I can view the entire confluence space without being logged in to anything. So the anonymous use is working properly, but for some reason there's still some kind of restriction on the service desk?
If I take the URL from the article on service desk (from my admin login) and try and open it in the browser with the customer logged in, it says "You don't have access to view this confluence article"
While I can then have that exact same article open in full confluence in another window with nothing logged in.

I have been searching through all kinds of information regarding knowledge base access issues, and most seem to come down to anonymous use not being turned on. My instance of Confluence currently has that turned on and it's confirmed working, so I am wondering if there's some other access or permission from within service management that I am missing. I've seen a couple settings referenced in Service desk , mainly "All active users and customers can access this knowledge base without a confluence license", but I absolutely cannot find that setting, and the last time I saw it mentioned was a couple years ago. It seems to be replaced by the "public/private/restricted" setting of the linked confluence space?

IDEALLY, I'd like to limit knowledge base use to only customers who have logged in to the service management portal, but I need to get it working at all before I start trying to limit it.

Thank you.

Answer
Watch
Like Be the first to like this
942 views

1 answer

2 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 8, 2020

I think you've done some good research there, and managed to find mostly the right stuff, but you have run into two problems with it.  The first is sheer volume of material - there's a lot there, and a hefty chunk of it is out of date, plus it's further muddled up by the differences between Server/DC and Cloud.  The second is a peculiar quirk that few people mention in the docs.

So <deep breath>

There are five things that can determine if a person can see a page in Confluence:

  • Page restrictions can hide things, let's keep it simple and assume you are not using these (they'd break the reason for a knowledge base in general anyway, although some use them for simple  "publish this to the KB" process flows)
  • When Confluence knows who you are - you have logged into something and it can identify an account for you.  These are
    • You are a Confluence user named for space access.  You can see all pages in the space and any type of space you are let into.
    • You are in a group in Confluence named for space access.  Same as Confluence user.
    • You are a Jira Service Desk/Management Customer (not a Jira user, specifically a customer).  You can only see pages in the knowledge base(s) linked to the portal(s) you are a customer for in JSM, via the portal.  And you can not see non-KB spaces.
  • When Confluence does not know who you are - this is "anonymous" access because you have not logged in

Note that I have emphasied that Confluence knows who you are, or it does not.  This simplifies it down to 

  • I am a Confluence user (single or group): potentially seeing everything
  • I am a Customer: seeing only KB articles
  • I am anonymous: seeing only spaces with anonymous access enabled

Now, that all seems quite sensible, but there is a big quirk in it. 

 Anonymous really does mean anonymous.  It does not mean "everyone", it means "if I do not know who you are".  If you log in, as a user, or a customer, you are no longer anonymous, so the rule for access changes!

This is logically correct, but it is very confusing.  Imagine you have two users, Alice and Bob.  You have a space which says "People allowed to see my pages are Alice and Anonymous users".  Alice can use the space whether she is logged in or not. 

But Bob has a problem.  When he hits the space before logging in, he can see it, but after he logs in, it vanishes.  Confluence knows who he is, and the space is not set up to let him see it any more - he's not Alice and he's not anonymous!

I think this is the problem you've got.  Personally, I would prefer Atlassian to fix this, either by changing the "anonymous" permission to "anyone, whether logged in or not" (and renaming it to make it clear), or putting a check on to the space permissions page that explicitly tells the admin "you probably want to add confluence-users to the view speace permission as well here"

View More Comments
Kyle Gagnon
Kyle Gagnon December 9, 2020

Thanks for that clarification!
Yeah, the "anonymous" is definitely confusing.

Previously, the knowledge base "viewing permissions" under the service desk project settings was set to "Public", but for some reason, could not be accessed by logged in portal users. Public was the only selectable option.

I REMOVED anonymous access from the Confluence space settings, and that opened up the "restricted" option under the knowledge base viewing permissions. This now works, and logged-in portal users can properly search and view knowledge base articles direct from the portal.

That is definitely far from intuitive, I agree that the "anonymous" setting could either be changed to "everyone", or more aptly labeled as "only non-logged in users" (which still doesn't make sense to me. If my viewing permissions is set to "Public", why can't a subset of the "public" not access it?
What if I wanted both anonymous access to the confluence site, AND logged-in users on the portal to be able to access the same space? (I don't, but I don't see how that'd be possible, even though it seems so simple a concept)

Thanks again!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events