  1. Jira Service Management Cloud
  2. JSDCLOUD-17084

Clarifying the purpose of app role "Customer"


      Problem

      In the current system, the term "Customer" is used to describe two distinct roles with different access scopes, causing confusion and potential misconfiguration. These roles are:

      1. Global Customer Role: Assigned at the site/app level, this role grants users access to all JSM portals across the entire instance.
      2. Project-Specific Customer Role: This role is assigned at the individual project level, allowing users to access only specific JSM project portals. It is mainly used for external users or portal-only customers who require access to particular projects without affecting other JSM portals.

      The ambiguity in using the same term "Customer" for both roles leads to challenges in access management and increases the risk of security breaches if roles are incorrectly assigned.

      Suggested Solution

      To address this issue, rename the roles to more accurately reflect their distinct purposes. Suggested names include:

      • Global JSM Portals Customer: For the site/app-level role that provides access to all JSM portals.
      • Project-Specific Customer: For the role that restricts access to individual project portals.

      These names clearly delineate the scope of access each role provides, reducing confusion and aiding in accurate permission management.

      Possible View:

      Why This Is Important

      Proper role naming is crucial for effective access management and security. By clearly distinguishing between global and project-specific access, administrators can better manage permissions and reduce the risk of inadvertently granting excessive access. This change supports clearer communication and understanding among admins and users, ultimately enhancing the security posture of the organization.

      Workaround

      Until role names are updated, provide comprehensive documentation and training to educate admins and users on the differences between the roles. Highlight the scope and implications of each role to ensure informed decision-making when assigning customer roles.

              Unassigned
              Shakti (ssamal@atlassian.com)
              Votes: 5
              Watchers: 2