People who are not logged in can see and comment as anonymous on tickets. This is a big security risk for us and our clients. I only want access for logged in users.
I tried in both Safari and an incognito window in Chrome and I am able to see the full ticket without being logged in.
Change the permission scheme(s). Remove the "group" called "anonymous" from all inappropriate permissions
(Frankly, that's all of them other than "browse" for a start, and "browse = anonymous" is only for certain types of public project too)
I've gone through all of our permissions and none of them allow for "anonymous" or "anyone".
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ok, so can you pick up a demo issue and check with a totally anonymous account? Use a browser you've not logged into your Cloud Jira with ever. (You could post it here to get one of us to check it)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Putting a link here means everyone will have access to all of our projects so even if it's a dummy project, I'd rather not post a link here. Do you have an email I can use?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Completely understand, but I don't share emails in public (so much spam already). Could you try it with a clean browser? If you've got Chrome or Firefox, there's an "anonymous browse" option which will not carry any login details even if you've got a normal session running - that's more than good enough to do this test.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If you can then see the issue without any login, the next step is to be 100% sure there is no "anyone" in the permissions for that one project, then visit https://support.atlassian.com to raise the issue with them. It sounds very broken to me, and quite a security hole, so I'd expect quite a swift response.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.