Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Different permissions to different SM Portals

rtamam
rtamam
Contributor
February 11, 2025

Hi

I have several Jira SM (and will expend) and I'd like to grant different permissions to different domains for each of their portals

Is it possible?

 

Thanks!

Answer
Watch
Like Be the first to like this
81 views

1 answer

0 votes
Tom Whittle
Tom Whittle
Contributor
February 11, 2025

Hi rtamam,

 

This is definitely possible, are these portals used for internal or external customers?

If they are used for internal customers and provided you have Atlassian Guard syncing user data from your IDP I would create a group in your IDP and have this sync over to your Atlassian site, from that you can then give the group the Service Desk Customers role in your JSM projects.

 

If they are used for external customers I would recommending adding the domains that they come from as approved domains and then giving the Jira Service Management customer licence (non-billable) to those users that have an email with that domain.

To take the above for external customers a bit further in the Atlassian Admin portal I would create some groups and give the groups access to the required projects by once again going to the role assignments for the projects and assigning the Service Desk Customers role to the group(s). You can then assign the groups to the customers as requested.

 

Hope this helps,

Tom

View More Comments
rtamam
rtamam
Contributor
February 11, 2025

Thanks for your reply, Tom.
So for example, I have 2 JSM with 2 JSM Portals.

1st named JSM-Internal

2nd named JSM-External

Now, as you probably understand, I want all our employees (with domain @magicsoftware.com) to be able to access  JSM-Internal.

As for JSM-External, let's say that domains @cust1.com & @cust2.com need to access

And of course the customers should not be able to view & access JSM-Internal.

Is that possible?

Like
Tom Whittle
Tom Whittle
Contributor
February 11, 2025

That is certainly possible.

The difference is that you would need to set the project customer access of JSM-Internal to Restricted. Under Project Settings > Access > Customer permissions change the channel access to restricted so that your external customers cannot sign up on demand for the JSM-Internal project.

Without using an IDP with Atlassian Guard, an automation that integrates with the Atlassian APIs or a Atlassian Admin group (group in Atlassian Admin not fully automatic) this would not be automatic and you would need to add people to JSM-Internal via the Customers tab in the sidebar by email.

As for the external customers provided that the JSM-External project has its channel access set to open you should be able to allow customers to sign up themselves when they first create a request.

Unfortunately there is not a clear cut way to say that users from X email domain get access to project Y automatically, at least not out of the box with Jira (apart from when using Atlassian Guard with SCIM and a 3rd party IDP). There may also be some marketplace apps that can assist with this.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events