I am looking for a way to get internal customers onboarded into our service desk while accessing it via Okta. I've got the Okta piece in place and functioning and Site Access settings I have it set to approve our email domain. On the product access side, I have all Atlassian products turned off for new users in the hopes that a new user onboarding themselves can just be added with site access so that they can immediately access the service desk portal.
I did find that if I give access to a single product inside of product settings for new users then an approval request is not required. My issue with this is that internal customers are not going to land on the service desk portal page, but the page for the product they've been licensed for and I still have to come back around and clean up the license.
Is there a way around this limitation? It would be extremely helpful in getting internal customers into the portal vs just sending requests to the service desk via email. If there's another way I should be loading customers into the service desk portal please let me know.
Thanks in advance.
Hello, Chris.
By default with Jira Service Desk in Cloud the opposite is the norm - customers in Service Desk are authenticated completely separately from Atlassian ID/Atlassian Access/SAML (your connection OKTA) with password-based credentials and if your customer happens to have an Atlassian ID (e.g. in your organisation) you need to explicitly (and manually!) migrate their JSD record to an Atlassian account in https://admin.atlassian.com/s/<your org id>/jira-service-desk/portal-only-customers
As such, I believe what you are after is not currently possible without some programmatic way via JSD API (https://developer.atlassian.com/cloud/jira/service-desk/rest/api-group-customer/#api-rest-servicedeskapi-customer-post).
Some customers have configured a public Service Desk project, available anonymously for the sole purpose of raising a request (thus creating a customer record) to trigger some further automation.
There is a user created webhook in Jira, and based on relatively recent comment in https://jira.atlassian.com/browse/JRACLOUD-74959 it should fire, though it's not clear to me if the user must be given access to Jira product in this case.
Since you mention OKTA, you must be using Access, so theoretically you can poll your organisation's users regularly too via Access API (https://developer.atlassian.com/cloud/admin/organization/rest/api-group-orgs/#api-orgs-orgid-users-get) but that needs Access token that expires every 7 days, which hardly makes it automatic.
Consider all of the above as "thoughts out loud", some originally in the context of Cloud roadmap for our UserManagement product (currently available only on Server and DC). I am happy to be proven wrong and would welcome anyone to point a better way?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.