Introduction

As a Customer accessing Jira Service Desk I want to be able to

  • Raise Requests without having an account

  • Reading the Knowledge Database

  • I am expecting to be updated via email.

Recently, Atlassian introduced the "login-free portal for Jira Service Desk Cloud". But for Jira Service Desk for Jira Server this major feature is still missing. There are no known plans to change this.

Accxia's LoginFree for JSD App


adds this missing functionality to any Jira Server Instance.

Release Notes

New Feature: Default Email Address

You can define an optional default email address, so the user is not requested to enter any email address at all.

Portal View permissions

Only Portals defined in Config settings are shown and can be accessed via Autouser. Access to other portals is blocked by backend.


for more details see https://marketplace.atlassian.com/apps/1219927/loginfree-for-jira-service-desk/version-history

Key Features

  • Same user experience as known from "login-free portal for Jira Service Desk Cloud"

  • Automatic anonymous customer login and account creation

  • Improved security due to Google ReCaptcha to ensure customers are real customers, not bots

  • Integrated email confirmation field ensures email consistency

  • Users can raise tickets at any time even if they are already known by the system they still do not require a password

  • Portals where LoginFree autologin is supported can be selected easily

  • Supports Reset Password / Password reminder

  • Default Email, Raise tickets without entering an email address
  • Extended Portal Permissions, hide Portals from Autouser.


Supported Jira and JSD Versions

Jira 7.5.0 - 8.12.x

Jira Service Desk 3.8.1 - 4.12.x

User Guide

For Users the only visible change is that an additional link is shown on the Jira Service Desk Login Page.


There is still the normal login feature available. But in addition, users can login by simply clicking the link.

Users will be automatically logged in into the Service Desk Customer Portal. They can use the Knowledge DB or/and raise requests.


Raising a request is as easy as before.

There is just one additional field where the user needs to fill in his email address.

For the sake of data quality, users have to enter the email twice.

Can you see the Google ReCaptcha Logo?

Since the user has not been authenticated, he needs to be verified as a human. This is done by Google ReCaptcha. The captcha only shows up for anonymous users.


Depending on the actual Situation the capture may be displayed or not. If yes, you need to find all cars or bridges or traffic lights.

To use the Google ReCaptcha your Jira Service Desk Instance must be able to access the Url https://www.google.com/recaptcha/api/siteverify. This is required to verify the user input.

Your request will be submitted automatically and a user account is created for you. You will be kept updated via email whenever anything changes.


A response Screen will show the result. The screen can be tailored by your Admin.


Congrats - Yes you have become a full user but as long as you are not going to change your password you will not be able to log in. You can only communicate via email.


Additional Options

You can request to reset your password or just rely on email.

When you visit the Portal the next time, do not worry about your login credentials. Since you already have been registered as a user, you still can raise new additional requests without logging in. In addition, you will receive an email with a link to reset your password. If you do not need it, simply ignore this email.


Admin Guide

After the plugin has been installed from the Marketplace, make sure to request a license.

There will be a configuration link in the left navigation menu of the Jira Manage Apps Admin Screen.


Click to open the LoginFree Administration Screen.


Options

  1. Auto Login Link Text - This is the link text for the automatic login link presented on the Customer Portal

  2. Run User - This is the user required to create user accounts. It requires "Jira create user permission". It is not doing anything else, so from security point of view you even can use the admin account.

  3. Auto User - This is the user account which is initially used for all anonymous users. Make sure it does not have any application access to Jira Software, Jira Core or Jira Service Desk. This is verified while saving the form.

  4. Email Field Label - The label of the injected email field

  5. Google reCaptcha public key - This is the Google reCaptcha public key, for details how to create a google reCaptcha account see https://www.google.com/recaptcha/admin#list. This link requires that you are signed in with your Google account. If you want to disable the reCaptcha, leave it blank.

  6. Google reCaptcha private key - This is the Google reCaptcha private key. Keep it secret. If you want to disable the reCaptcha, leave it blank.

  7. Supported Customer PortalIds - Anonymous login is only granted for portals listed below. Select from the available Service Desk Projects list. Due to Jira Version compatibility issues you need to enter the portal ids comma separated. Add “0” in addition to enable this addOn for the Overall Help Center Page. You can find the portal ids as part of the customer request url e.g. http://localhost:89/servicedesk/customer/portal/1/user/login?destination=portal%2F2

  8. Enable Password Reset Email - Send out emails on registration and for password reminder

  9. Response Screen HTML - Enter any valid HTML. You can define your own styled response. Keep empty to use default response screen. You even can add any javascript, csss or simply redirect to any URL.

    use $issue as Issue Reference, it will be replaced with the issue key at runtime.

Alternate Access Option

For enabled portals the access link is shown on the Customer Portal Login Page. But you can place this link on any Web Page, independant where it is hosted.

https://jira-demo-1.accxia.com/plugins/servlet/loginfreeRedirMain?portalid=12

the portal Id is handed over as a query parameter.

To embed the link on your own web page, just add e.g.

<a href="http(s)://<YourJiraBaseUrl>/plugins/servlet/loginfreeservlet?portalid=12">Click here to raise a request without an account.</a>
CODE


To automatically log in to the Overall Help Center Page use portalId 0 e.g.

https://jira-demo-1.accxia.com/plugins/servlet/loginfreeservlet?portalid=0

Direct Portal Access by Request Type

You just need to add the additional parameter

e.g. http://localhost:89/plugins/servlet/loginfreeRedirMain?portalid=1&request=1

this redirects to e.g. http://localhost:89/servicedesk/customer/portal/1/create/1.

Portal View permissions

In the past Jira Admin had to care about the proper Portal/Project Permissions. 

As long as "customers who are added to the project" is unchecked, any customer can see and access the portal

Our Customers asked us to change this. We have implemented Portal View Permissions for the Autouser.

The Autouser is only able to see, view and access Portals, defined in the Supported Customer PortalIds Settings.

Access is controlled from Frontend and Backend. (This is not replacing proper Jira portal permissions).

Security and Atlassian Licensing

LoginFree for Jira Service Desk ensures data and platform security. The auto user has got minimal permissions. It is not assigned to any Jira Application Access. This is why it does not consume any license. In addition, we hardened the backend. For several requests there will be a blocking page presented to the user when he tries to access as Auto User.

FAQ

Question

Answer

What exactly ist the Run User doing?

The runUser is only required to create the user accounts after the anonymously logged in user has submitted the request. It is not doing anything else.

What exactly ist the Auto User doing?

As long as the user is logged in anonymously, any action is conducted with this account.

Does the Auto User has got requests listed in the request overview?

No, there should never be a request assigned to the Auto User. Only in case user creation failed, there might be a request assigned. In this case make sure to manually assign a proper reporter later on

Can an anonymous user view requests?

No, even if the user is logged in as the Auto user, the backend ensures that the requests can not be viewed.

I want to disable the reCaptcha

Simply leave the Google reCaptcha keys blank.

How can a newly automatically created User log in?

The user can use the normal password reset links from Jira Service Desk Customer Portal. Depending on the notification settings an email will be created with the password link. When a user raises an anonymous request the 2nd time, the password reset email is triggered automatically.

The auto login link is not shown on the Customer Portal

Make sure you enabled the Project in the Admin Section. And verify the link. Sometimes a user is redirected to the Over All Portal Page e.g https://jira-demo-1.com/servicedesk/customer/user/login?destination=portals. See that the Url does not contain any portal id. A proper link is e.g. https://jira-demo-1.com/servicedesk/customer/portal/12/user/login?destination=portal%2F12

The create request fails when the google recaptcha is configured properly

To use the Google ReCaptcha, your Jira Service Desk Instance must be able to access the Url https://www.google.com/recaptcha/api/siteverify.

If your server instance does not have internet access (e.g. you have to install AddOns via file upload instead of installing them from the marketplace) you can not use the Google ReCaptcha feature.