I have 5 Service Desk Project. I want to enable self registration for all customers. But I want each customer to see just the projects they registered under. Currently, when you register under Project A, you can also login under Project B, C, D and E.
When I register customers as admin, they can be restricted to specific projects, but not sin self service?!?
It is not possible to restrict access like this today. Your best approach is to allow public sign up, and make 1 project available to all (this project might even contains a request type for access to other projects). Then keep the other projects restricted to Customers added by Agents/Admins, and have your team manage memberships accordingly.
I would like to better understand you use case. Why is it important that customers do not see other service desks? How do you stop a customer signing up to the wrong service desk?
I do not understand this logic. Why do we segregate in different projects with different portals and then do not care what project context the user is in? After all, you register as a user in the context of one specific portal. Why then do you have access to all portals? There is a major flaw in how Service Desk handles customer access rights
My case is the following: I have 5 customers subscribing to 5 customized applications. Every customer has its own service desk project with its own, specific knowledge base behind. For the agent it is important to know what context the user reporting a bug or request is coming from. A self registered user appears in ALL projects, not just the project he/she registered under. And he/she can see requests from all projects. Furthermore our customers are from the financial services sector. These folks have an emphasis on GDPR compliance. The current setup is NOT GDPR compliant.
We have two access models for Service Desks.
The first is centred around the Help Portal, and is designed to support an organisation with its internal support. Projects are open, and customers are free to navigate from service desk to service desk based on their needs.
The second is centred around a single or subset of service desks, and is designed to support mixed customer bases. In this model, service desks have tightly managed access, and customer will only see what they have explicitly been granted access to
Looking at your situation, you could use my recommendation, or alternatively keep sign-up restricted and provision your user accounts manually to ensure customers only ever access a single project for them.
We are undertaking some work which focuses on Customers and how they provision accounts, and how this can be restricted. Your feedback is excellent food for thought. Would you be open to joining a future discussion on the topic?
On October 20, 2021, Atlassian published a security advisory for Jira Service Management. The full advisory is available at this link. We've seen a number of questions already asking for...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events