Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How user request access work ?

Calderara Serge
Calderara Serge
Contributor
February 25, 2022

Dear all,

I am really confuse on the way user get access to jira cloud site based on Site Settings configuration.

We have the configuration set as below :

Site Access-> Approve domain -> Approve the following domains
Site Access ->Access Request ->All new users on non-public domains can request access
Site Access -> User Invites ->Existing users can send invitations to anyone NOT CHECK

Q1 : Based on those settings it says in documentation that any users from the list of approve domains can join the site WITH or WITHOUT an approval.

What is the option in those setting which define that all user from approved domain will ONLY join WITH approval ( we do not want user do join without admin approval

Q2 : From the Access settings, I am confuse on the sens that from where user Request Access and how if they have no account in Jira ?

Thanks for clarification

 

Answer
Watch
Like Be the first to like this
2785 views

4 answers

0 votes
Debra Lee
Debra Lee
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 24, 2022

Approval of domains is meant to cut down on administrative tasks like approvals. So adding users to your organization and keeping track of them is easy. If you approve a domain but don't want users to join the organization, that will not work. You can change how users automatically get access to products so that they only get licenses when they join your organization.

https://community.atlassian.com/t5/Jira-questions/How-user-request-access-work/qaq-p/1956246/flagle

Reply
0 votes
Ingmar Heinrich
Ingmar Heinrich August 9, 2022

Hi,

I'm piggybacking on this question, because it's closely related. My question is: How do I activate access requesting for ALL users, including public domains?

Thanks,
Ingmar

Reply
0 votes
Matthias Gaiser _K15t_
Matthias Gaiser _K15t_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 25, 2022

Hi @Calderara Serge

in order to answer your first question, I think you should follow the steps as described for the approved domains in these docs:

  1. From your organization at admin.atlassian.com, select Products from the header.

  2. From the left side of the page, select User access settings > Approved domains.

  3. Select Add domain, and enter your domain URL.

  4. Under the Product role column next to your chosen product, select from the following options:

    1. None: Assigns no product role, meaning users won’t have access to your product.

    2. User: Allows users to access your selected product when they are logged in to an account with your domain.

  5. Select Save to confirm.

And then make sure to select None in step 4 - 1. Does this work for you?

Regarding your second question, I'm not completely sure, but I think your users will get a request access button in the UI as soon as they're trying to access the product where they don't have access for.

Hope that helps a bit,
Matthias.

View More Comments
Calderara Serge
Calderara Serge
Contributor
February 25, 2022

hello,

"And then make sure to select None in step 4 - 1. Does this work for you?"

I do not have this same view like you are mentionning, all what I have for those in when I go to admin, on nav bar on the left , I have Site Settings and Product Access menu

I do not have any Prduct role

regards

Like
Reply
0 votes
Max Foerster - K15t
Max Foerster - K15t
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 25, 2022

Hey @Calderara Serge ,

to answer your first question:

The goal behind approving domains is to reduce administrative tasks like approvals. So it's easy to get users into your organization and manage them. Approving a domain and then not wanting to let users join the organization will not work. What you can adjust is the automatic access to products so you only have users join your organization without them taking up licenses already.

access_settings.png

But maybe deactivate the approved domain again, enter the domain in the access request settings instead and so people from your domain can request access and no one else. Then a site admin has to approve them.

Somehow you still have to guide them to the product so they can request access in the first place. 😃 Or work with invitations. Please also look at the descriptions on the right in the Site access settings. I think they do a good job explaining the settings.

To answer your second question, users somehow need to navigate to your site and then will have to either log into their Atlassian ID or create an Atlassian ID. In the next step, they will notice that they have no access and should be able to request access ("All new users on non-public domains can request access") or should automatically be added to the system when they belong to the approved domain. Did that help to answer your questions?

Best, Max

View More Comments
Calderara Serge
Calderara Serge
Contributor
February 25, 2022

Thanks for your answer

I have actually this option set : All new users on non-public domains can request access

So by this if I understand well, that means if user know the site url but does not have any account, he simply need to create an Atlassian ID and try to login.

1- Then as this is the first time he browse the site and did not get an account already, he is having a button to request site access if his email is not part of Approved domains, is that correct ?

2- Then if he logs with an email adress which is not part of the approved domain, then he will have to be Approved by admin correct ?

3 - you said :"But maybe deactivate the approved domain again, enter the domain in the access request settings instead and so people from your domain can request access and no one else. Then a site admin has to approve them."

Then by doing step3, does the process of step 1 and 2 react the same ?

 

Those authentication method in my mind is not well explain in atalssian doc, I could not find at no place what you are explaining here

Thanks for help

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events