If you use Atlassian Crowd and its single sign-on (SSO) capabilities to manage users:
- In order for public signup to work, in JIRA, set the Crowd permission to be Read/Write. To do this, go to User management > User directories.
- When configuring who can authenticate to JIRA via Crowd, if you have customers that do not belong to groups, make sure you select the setting that allows all users in the directory to authenticate. See Mapping a Directory to an Application.
For more information, please read: Managing customers
Atlassian Crowd is a separate product and therefore if you wish to use Crowd for SSO, you will need to purchase a Crowd license that is large enough for your user base. Customers in JIRA Service Desk, while free in JIRA Service Desk, will consume a license in Crowd.
When you enable Crowd SSO for JIRA, you will only be able to authenticate as users from the Crowd server and users from the internal JIRA directory can’t authenticate to access JIRA. This means both paid JIRA users, agents and free JIRA Service Desk customers need to be users in Crowd.
It’d be useful to create a new authenticator that knows about JIRA Service Desk Customers in the internal JIRA directory and authenticate them differently from JIRA users.
Such a change would require changes to Crowd, JIRA and JIRA Service Desk. There are currently no plans to undertake this work in the next 6-12 months. If you are interested in this feature, please watch, vote and add a comment with your specific use case.