Enabling public signup and CAPTCHA
Enabling public signup allows users to create their own accounts. If it's not enabled, then only a Jira administrator can create new user accounts.
If users create accounts that gives them access to Jira Core, Jira Software, or the agent view of Jira Service Management, these accounts will consume a license for these applications. If you enable public signup only for the Jira Service Management customer portals and customers create their own accounts, these accounts do not consume a license, as they have limited access to Jira.
For security reasons, even if you enable signup, it is still necessary for users to have the appropriate project permissions before they can see or create issues. Note that you can use automatic group membership to add all new users to appropriate groups.
Before you begin
For all of the following procedures, you must be logged in as a user with the Jira administrators global permission.
Customer signup in Jira Service Management
If you're using Jira Service Management, it's worth noting that is has two public signup forms:
- Agent (user) signup: This is a regular signup for users who consume licenses and have access to Jira. It's the same signup that Jira Core and Jira Software users use. It can be accessed from the main Jira login page.
- Customer signup: This is a signup for external customers who don't consume licenses and have access only to the project's customer portal where they can raise requests. This signup doesn't require Jira to be in the public mode, as opposed to the regular signup.
Enabling CAPTCHA
- If your Jira application server is accessible from outside your organization's firewall, and you have enabled signup, then you may want to also enable CAPTCHA. CAPTCHA helps ensure that only real humans (and not automated spam systems) can sign themselves up to Jira.
Enabling public signup for Jira Core, Jira Software, and the agent view in Jira Service Management
- In the upper-right corner of the screen, select Administration > System.
- Choose Administration () > System. Select General Configuration to open the Administration page.
- In the sidebar, select General configuration.
- Scroll down the page and select Edit Configuration.
- In the Mode dropdown, select Public.
- Select the Update button at the bottom of the screen.
- Log out of Jira, then click the Log in link at the top right of the screen and verify that the Sign up link is displayed at the bottom of the login screen.
Enabling public signup for Jira Service Management customer portals
With public signup enabled, agents can invite new customers to a service project, and new customers can create accounts on the Customer Portal and through email. Enabling public signup for your service project also enables a honeypot technique which helps prevent spambots from creating accounts through the customer portal.
Enabling public signup
You must first enable public signup at the system level:
- In the upper-right corner of the screen, select Administration > Applications.
- Scroll down to the Jira Service Management section and select Configuration.
- In the Public signup section, allow project admins to enable public signup.
Enabling verification emails
After enabling public signup, we recommend that you also enable verification emails. This adds security to your Jira instance and makes sure that all customers are exactly who they say they are. This option should be enabled by default unless you haven't configured outgoing email.
- Enable and configure outgoing email so Jira can send verification emails. For more info, see Configuring an SMTP mail server.
- In the Public signup section, enable verifications emails.
Opening a service project
You or a service project administrator can then open a service project at the project level:
- Go to Project administration > Customer permissions.
- Select Anyone can email the service desk or raise a request in the portal.
New customers will be added to the Service Desk Customers project role. Note that customer accounts created via public signup don't count towards a Jira Service Management license.
In situations where users are unable to change their passwords, check that a Delegated Authentication Directory is not the highest in the order of User Directories. As a workaround, you can change the order of User Directories, or alternatively use a connection to a LDAP directory instead.
Enabling CAPTCHA for Jira application login screens
CAPTCHA can be enabled so that anyone attempting to sign up to your Jira instance through the Jira login screen will be presented with a random sequence of letters, that they must type to confirm they're a real person. This is to try prevent spamming, and malicious attacks.
- In the upper-right corner of the screen, select Administration > System.
- In the sidebar, select General configuration.
- Scroll down the page and select Edit Configuration.
- Find CAPTCHA on signup and select On.
- Select the Update button at the bottom of the screen.
- Log out of Jira, click the Log in link at the top right of the screen, then click the Sign up link and verify that a random sequence of letters is displayed at the bottom of the Sign up screen — e.g. "winzers" in the following screenshot: