We are developing a web tool which uses Jira Service Desk Cloud and Confluence Cloud to provide support. This web tool uses single sign on, so only client users can access the web tool and the link to the support sites. We are concerned with protecting security and IP while still making it easy for users to access support.
I know it is possible to lock down permissions on Jira and Confluence so that only specific users have access and/or they have to create an account before they can log tickets/read knowledge base articles. We would prefer NOT to do this in order to make it as easy as possible for users. There are also going to be thousands of users and we do not want to provide individual access for each user.
But if we have the settings for Jira/Confluence set as “anyone can view”, we are aware that our knowledge base articles and links to our Jira/Confluence sites may show up in search engine results like google. This is an IP risk for us and a potential security risk as well.
Ideally it would be great if the link to the support sites would only open if you were redirected from our web tool. Is this at all possible?
Any advice on how to set up the support sites for ease of access while also maintaining security would be much appreciated.
Hi @andrea.wadsworth,
Caveat: This might be easier to do with Server products, and I’m not sure if what I’m about to propose works on Cloud. It also kinda violates your precondition of not having users created in JSD and Confluence, but they should be free users.
If you could activate SSO on your Cloud instance (via Atlassian Access I think), then you should be able to create JSD customer users without using up licenses (See the FAQ on Manage your bill for Atlassian Access | Atlassian Support).
Now, when you have your users as customers in JSD, then you’ll be able to configure a Confluence space as knowledge base (https://confluence.atlassian.com/confcloud/use-confluence-as-a-knowledge-base-724765471.html) and have the unlicensed users from JSD access it (Give access to unlicensed users from Jira Service Management | Confluence Cloud | Atlassian Support) without taking up Confluence licenses.
Then, you could include the Atlassian products via iframes. The iframes would internally do SSO and redirect the users back as logged in users to JSD / Confluence.
Again, this solution relies upon your SSO working with the Atlassian Cloud products, but that’s the only idea I have right now.
I’m not sure if there is a better solution to this on Cloud. Server would be another matter though.
Good luck!
Tobias