In JSD administration go to "Request security", and under "Manage who can raise requests through email and the customer portal", set it to "Only people on my customers list".
You then need to add the customer manually (or add the group they belong).
Some documentation links relevant to this:
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot