Setup
JIRA 8.2.5//Service Desk 4.2.5//Crowd 3.4.4
We are using Crowd for SSO across JIRA, Confluence and other Atlassian tools. We just installed Service Desk and I think I'm 90% of the way in terms of the correct configuration.
We are allowing Public Sign Up for Service Desk and not allowing Public Sign Up for JIRA.
Crowd Directory automatically adds users to the jira-servicedesk-users group and jira-servicedesk-users can authenticate.
I've removed jira-servicedesk-users from the JIRA Global permissions page.
Application Access has
Problem
I signed up with a test user through the JIRA Service Desk customer portal and can access the Service Desk portal fine. The problem is that the test user (which only has jira-servicedesk-users group) can log into the normal JIRA application as well. Their visibility is severely curtailed, but they can log in and see some information in the Activity Stream (around some integrated Bamboo data).
What do I need to configure to prevent Service Desk only users no access to the normal JIRA functions?