For your information, you can prevent any anonymous access to your JIRA system by removing any anyone group under your Permission scheme. Go to <tt>Administration > Schemes > Permission Schemes</tt>, then click on the Permissions button. Make sure that there is no Anyone group assigned for any permission.
We have an article that can help you to check any Projects that might have anonymous access enabled. You can check it here: Check Anonymous Access. Run the given query in your database, and you can see which project might be exposed.
If you also want your instance to be private (means that only Admin can add new user(s)), you can set it in the General Configuration, change it to Private mode. This way you can prevent any anonymous user signing up.
I hope this could clarify your question.
If you have a further inquiries, feel free to ask us.
Does the Assignable User permission affect this? If so, that feels like a defect. My team assigns tickets to users who may not be allowed to update the ticket. (e.g. when the responsibility lies with someone very senior, the assignment and all updates might be given in meetings or emails, and I carry it in my project to track and inform others). Or, I might assign ticket to someone who isn't a jira user yet because they've never had a ticket or they are a new employee. I don't want to require them to log in before assigning the ticket.
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG