Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Pros/cons of enabling Browse User for everyone (JSD customers)

We recently implemented Jira Service Desk (Cloud) for our internal organization. We have multiple service desk projects, and one of them is trying to utilize the user picker function for staff to select their manager on specific request types.

As per design, this does not work by default for non-Jira system users as the Browse Users global permission is set to allow only specific roles. This permission is required to allow user picker functionality.

Our site is not public. We use Okta SSO in conjunction with Atlassian Access to control who our Service Desk customers are, so the only people getting access to the list of users would be staff members or approved users of Jira, JSD.

Are there any downsides to setting Browse Users to Public, or the group that defines Jira Service Desk customers?

1 comment

John Funk Community Leader Jun 08, 2020

Hi Darryl,

I have discovered that if you give users (including customers) the Service Desk Team project role, then they can see the list of values for user picker fields. 

Like Darryl St_ Pierre likes this

Thanks John, I'm not sure that's what I'm looking for though.These are strictly "customers", unlicensed staff who submit service desk issues.

The system allows me to add a group that all these people are in to the Browse Users and Groups permission, but I don't believe it honors it for them. I have a support issue in with Atlassian now. When I get a response, I'll update this item.

John Funk Community Leader Jun 12, 2020

This is not in the permission scheme but the project settings. If you have added customers to the People section on your project, then you should be able to add them to the Service Desk Team project role. Then they can see the values in the user picker dropdown. Were you able to do that. 

Thanks for the clarification John.

I was hesitant to try your suggestion as I wasn't sure about the potential unintended impact. I did ultimately find out from support that I needed to modify Project Settings->Customer Permissions->Who can customers share requests with to Any customer or organization, by searching this project.

This, along with the Browse Users global permission resolved the issue.

I still haven't really determined if this is a good practice or not, but I did some limited testing and it does not appear to have opened up any undesired access.

John Funk Community Leader Jun 24, 2020

Great - I am glad you were able to get to a good solution.  :-)

And thank you for the additional information. Did you end up also giving them Service Desk Team role? 


Log in or Sign up to comment

Atlassian Community Events