Enabling public signup and CAPTCHA

Still need help?

The Atlassian Community is here for you.

Ask the community

 

About public signup and CAPTCHA

For some organizations it is appropriate to enable public signup, which allows users to create their own accounts. If these users create accounts that gives them access to JIRA Core or JIRA Software, these accounts will consume a license for these applications. If public signup is switched on for JIRA Service Desk, and customers create their own accounts, these accounts do not consume a license.

If public signup is not enabled, then only a JIRA administrator can create new user accounts.

For security reasons, even if you enable signup, it is still necessary for users to have the appropriate project permissions before they can see or create issues. Note that you can use automatic group membership to add all new users to appropriate groups.

On this page:

If your JIRA application server is accessible from outside your organization's firewall, and you have enabled signup, then you may want to also enable CAPTCHA. CAPTCHA helps ensure that only real humans (and not automated spam systems) can sign themselves up to JIRA. When CAPTCHA is enabled, visitors will need to recognize a distorted picture of a word (see example below), and must type the word into a text field. This is easy for humans to do, but very difficult for computers.

 

Enabling public signup for JIRA Core and JIRA Software

  1. Log in as a user with the 'JIRA Administrators' global permission.
  2. Choose > System. Select General Configuration  to open the Administration page.
  3. Click 'Edit Configuration' at the end of the page.
  4. In the 'Mode' drop-down, select 'Public'.
  5. Click the 'Update' button at the bottom of the screen.
  6. Log out of JIRA, then click the 'Log In' link at the top right of the screen and verify that the 'Sign Up' link is displayed at the bottom of the login screen.

 

Enabling public signup for JIRA Service Desk

With public signup enabled, agents can invite new customers to a service desk project, and new customers can create accounts on the Customer Portal and through email. Enabling public signup for your service desk project also enables a honeypot technique which helps prevent spambots from creating accounts through the customer portal.

You must first enable public signup at the system level:

  1. Log in as a user with the 'JIRA Administrators' global permission.
  2. Choose  > Applications. Scroll down to the JIRA Service Desk section and choose Configuration.
  3. In the Public signup section, enable the setting. 

You or a service desk project administrator can then open a service desk at the project level:

  1. Go to Project administration > Customer permissions.
  2. Select Anyone can sign up for a customer account on my Customer Portal

New customers will be added to the Service Desk Customers project role. Note that customer accounts created via public signup don't count towards a service desk license.

In situations where users are unable to change their passwords, check that a Delegated Authentication Directory is not the highest in the order of User Directories. As a workaround, you can change the order of User Directories, or alternatively use a connection to a LDAP directory instead.

Enabling CAPTCHA for JIRA application login screens

CAPTCHA can be enabled so that anyone attempting to sign up to your JIRA instance through the JIRA login screen will be presented with a random sequence of letters, that they must type to confirm they're a real person. This is to try prevent spamming, and malicious attacks.

  1. Log in as a user with the 'JIRA Administrators' global permission.
  2. Choose > System. Select General Configuration  to open the Administration page.
  3. Click 'Edit Configuration' at the end of the page.
  4. Locate 'CAPTCHA on signup' and select 'On'.
  5. Click the 'Update' button at the bottom of the screen.
  6. Log out of JIRA, click the 'Log In' link at the top right of the screen, then click the 'Sign Up' link and verify that a random sequence of letters is displayed at the bottom of the 'Sign Up' screen — e.g. "winzers" in the following screenshot:

 

Last modified on Jan 31, 2018

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.