  1. Jira Service Management Data Center
  2. JSDSERVER-920

Service Desk 2.0 - "Customers" are banned from accessing JIRA and Plugin REST API's

Details

    • We collect Jira Service Desk feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      NOTE: This suggestion is for JIRA Service Desk Server. Using JIRA Service Desk Cloud? See the corresponding suggestion.

      JIRA Service Desk 2.0 introduced the role "Customers". Users with this role are banned from accessing JIRA functionality. That is for sure reasonable. The problem is that JIRA also denies requests to the REST APIs.

      As add-on developers, we would like the "Customer" role to have access to the plugins' REST APIs. If not, our Insight add-on will be impossible to enable on the Customer Portal for the "Customer" role. We can of course have a simple custom field rendered from the server side, but our more advanced Insight custom field acts on user behaviour and wouldn't scale if done from the server side.

      We have been asked why we would like to share information/content with ServiceDesk "Customers". There are several reasons for that, but one example is if you are a company renting out video cameras, you want the customers to report bugs on those assets via the ServiceDesk portal. The assets are of course within the Insight plugin.

      As of right now, our add-on works perfectly for users that have the USE permission, but it doesn't work for users of the Customer role. We have several customers that really need the Insight Custom Field to work for the "Customer" role, so we hope you will make the REST-API open for the plugin developers to decide who can access the plugin services or not.

      The client request: https://domainname:port/rest/.. gets an HTTP 302. We cannot see any drawbacks in allowing access to the REST APIs where you, as of today, are redirecting all requests. The authorization should be handled by the plugin developers as we do in any other case.

      Let me know if you have any questions or need more information. This is very urgent for us. Thanks.

            People

              Unassigned
              Mathias Edblom
              Votes: 17
              Watchers: 29
