Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Unresolved
Component/s: Audit Log
Labels:
None

Support reference count:
71
Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Description

Problem definition

Organization Audit logs (Atlassian Access) are missing several events related to site access and self signup:

Self sign up: When a user performs self sign up where the email address is one of the allowed domain.
When a site administrator toggles the New users have access to this product button on the Product access page (https://admin.atlassian.com/s/SITEIDHERE/apps) this information is not sent to the organization audit log.
When a site admin approves an access request: Users can request product access for themselves or others when the site access settings don’t allow them to join the site

Suggested solution

Add above events to the audit log

Update 28 February 2023
I'd like to provide updates on the three issues raised in the original post of this ticket.

Self sign up: When a user performs self sign up where the email address is one of the allowed domain.

While this log is still missing from the org-level audit log, org admins can elect to get email notifications when a user from an approved domain gets access:

When a site administrator toggles the New users have access to this product button on the Product access page (https://admin.atlassian.com/s/SITEIDHERE/apps) this information is not sent to the organization audit log.

This toggle no longer exists as per the changes discussed here: Control how users get access to products. The toggle has been replaced by the org-level User access settings (https://admin.atlassian.com/o/<Org ID>/user-access-settings). When a change is made to these settings, it is reflected in the org-level audit logs:

When a site admin approves an access request: Users can request product access for themselves or others when the site access settings don’t allow them to join the site

This log now exists:

With the above in mind, I am changing the title of this issue to reflect the remaining request, "Add audit log for when a user from an allowed-domain performs self sign up"

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

screenshot-2.png
282 kB
28/Feb/2023 12:13 AM
screenshot-1.png
176 kB
27/Feb/2023 11:58 PM
image-2023-02-28-11-23-08-609.png
310 kB
28/Feb/2023 12:23 AM

Issue Links

incorporates

JRACLOUD-68182 Need to Know Who Enabled Self-Sign Up

Gathering Interest

is duplicated by

ACCESS-1012 Approving an access request doesn't generate a log on the Org audit logs

Closed

ACCESS-759 Add Self sign-up and Site admin approve access request events in Audit log

Closed

ACCESS-1189 Track "New users have access to this product" changes in organization audit log

Closed

JRACLOUD-74377 Notification for when Site access settings have been configured

Closed

is related to

ACCESS-1763 [Tracking in Issue Links] Organisation-level audit log feature requests

Gathering Interest

JRACLOUD-79986 [Tracking in Issue Links] Site-level audit log feature requests

Gathering Interest

PCS-87216 Loading...

relates to

JRACLOUD-3157 JIRA Administration Audit trail / notifications

Closed

CLOUD-6751 Allow administrators to have access to logs

Gathering Interest

mentioned in: Page Loading...; Page Loading...

(3 is related to, 2 relates to, 2 mentioned in)

Activity

People

Assignee:: Jonathon Yu

Reporter:: Augustine Aloysius (Inactive)

Votes:: 21 Vote for this issue

Watchers:: 31 Start watching this issue

Dates

Created:: 22/Jul/2019 10:44 AM

Updated:: 30/Sep/2023 4:01 AM