You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
We have multiple customer facing JSM projects, each of which has its own Portal used by the customer to view and respond to issues they have raised. Only the Support team have licenses for JSM.
We then have the development side of the business in Jira Software, with their own projects with items being worked on.
Occasionally staff on the development side will need to be able to view issues raised on the JSM side by customers. I'm able to achieve this by changing the 'Browse Projects' permission in the JSM permission scheme. This grants them view only access to the JSM items as expected.
The issue with this comes about when the development side then go to https://[OURNAME].atlassian.net/servicedesk/customer/portals (where projects available for you to raise issues in are shown). If the Browse Projects permission is set for the developers, they are able to see the customers portals. This causes an issue as we intend to have an "Internal IT Support" project for staff, which should be the only portal they have access to. We don't want internal staff being able to see and raise issues in a customers portal, only view the issues they have raised within Jira.
My question is; how can I set permissions so that staff on the Software side of Jira have access to view items within JSM, but the customer portals are not shown to them when visiting https://[OURNAME].atlassian.net/servicedesk/customer/portals?
Without Browse Projects set, the portal shows the above (which is correct, we don't want staff to be raising issues in a customer specific portal)
With Browse Projects set, staff can now access issues within the JSM project, but this also results in the customer portals for those projects being available to them.
That's what I'd assumed should be the case, but it doesn't seem to be that way.
Here we have a user who only has Jira Software access:
This means that if she tries to view the help centre/portal she gets a message that she doesn't have access to any service projects
Equally if she tries to view an issue through the app which is in a service project (via URL example https://XXX.atlassian.net/browse/XXX-40) she gets the below error
All of this is as expected, because she doesn't have any Service Project access.
What I need is for her to be able to view the issue through the app, but not then be given the access to raise requests through the portal as if she is a customer of the service project.
Under the advice of other articles I have added her to the Browse Projects permission for the Permission scheme all of our service projects use:
This results in her being able to now view the service project issues within the app as expected, but also now shows the portals of all service projects using this permission scheme within the help centre:
If you go to the Customers section of any of these service projects within the app, what it's done is added her as a customer, which is presumably why she can now see these portals:
This is not something I have done, the action of her being set as a customer when given the Browse Project permissions seems to be automatic. It is not possible to remove her from the customers list as, unlike customers who have been manually added there is no remove option. Normally to remove a customer from the service project I would go to Project Settings > People, where I would then be able to remove them by clicking Remove. This user who has automatically been added as a customer however doesn't show up in the People section, so there is no way to remove her.
Under Customer Permissions we have Service project access set to "Customers added by agents and admins", which seems like the right choice to me as we only want customers we add to see the portals.
So I guess a couple of questions here:
1. Is it correct to set the Browse Projects permission in order for a Software user to be able to view Service Project issues
2. Should setting that permission then enforce that user as a customer of said project(s) with no option to remove them
3. Is there another way of doing this, so that a software project user can view service project items, without this impacting their view of the portal in any way.
It's worth noting that this issue isn't restricted to one user, any users added to the Browse Project permission either as a group or an individual user are then automatically enforced as customers in that project which seems to be giving them portal access.