Uploaded image for project: 'Jira Service Management Data Center'
  1. Jira Service Management Data Center
  2. JSDSERVER-12469

As an administrator I would like to have reset password features from the customer portal disabled when SSO is enabled

XMLWordPrintable

    • 1
    • We collect Jira Service Desk feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Problem Definition

      With SSO for Atlassian Server and Data Center App the administrator have the ability to configure customer login through SSO and completely disable the authentication form.

      When the authentication form is disabled for both agents and customers, some reset password features are still reachable and could cause confusion to customers.

      Suggested Solution

      When the authentication form is disabled for both agents and customers, completely disable any page related to the reset password feature.

      Workaround

      Jira administrators may choose to completely block access to the following URLs:

      • /servicedesk/customer/user/forgotpassword
      • /servicedesk/customer/user/resetpassword

      This can be configured in the Load Balancer, reverse proxy or directly in the Tomcat configuration.

              Unassigned Unassigned
              tmasutti Thiago Masutti
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: