I’m struggling with customer account setup in our service desk. We enabled the option for external users to create portal-only accounts and allowed ticket submission without login requirements. However, there’s an unexpected behavior happening.
When customers submit requests, they get automatically added to both the customer list AND the project directory under “people and access” with the service desk customer role assigned. We only want them appearing in the customer section.
I’ve checked through various permission schemes and configuration settings but can’t identify what’s causing this dual assignment. Has anyone encountered this before?
What we’re trying to achieve:
Customers can submit tickets through the portal without account creation
They should only appear in the customer tab
No automatic assignment to project directory or roles
Is this possible with the current setup, or do we need to manually provision accounts to prevent unauthorized users from accessing our project directory?
Yeah, this is default behavior in most service desk setups. When portal customers submit tickets, the system has to create some kind of user relationship for tracking - that’s what triggers the project directory assignment. I hit this exact problem six months ago when we rolled out our customer portal. Fixed it by tweaking the user creation workflow at the system level. Go to global permissions and hunt for ‘Project Access on First Request’ or something similar - it’s usually hidden in advanced settings, not in the obvious customer portal stuff. The trick is splitting customer identity creation from project membership. Most admins look at portal settings, but the real control is in user provisioning workflows. Also check if any group assignments or default roles get applied when tickets are created. We used a workaround where customers start with minimal access and only get project directory access when an admin specifically grants it.
Had this exact headache setting up our external customer portal last quarter. Service desk treats every ticket like it needs an authenticated user, even anonymous ones. We fixed it with a buffer account - created one generic “portal customer” account that catches all anonymous submissions first. Then set up automation to move tickets to the right customer records without creating project directory entries. The setting you need is usually buried in ticket creation workflows, not portal settings. Check your ticket routing rules for anything about “user provisioning on ticket creation” or similar. You might need to kill automatic user creation completely and handle customer records separately so they don’t get project access. This keeps customers stuck in the customer tab while tickets still work properly.
for sure! I’ve been there too. Just look at ur customer role settings, there’s usually a setting that lets users bypass being added to the project dir. Turning that off should fix your issue!
Yeah, super common pain point with service desk setups. Hit this exact issue last year during external client onboarding.
Most service desk platforms auto-create project access when customers submit tickets. You can disable the obvious settings, but hidden workflows or automation rules usually keep triggering it.
I fixed this by building an automation workflow that intercepts new customer submissions and routes them properly without creating project directory entries. Instead of wrestling with nested permission schemes, I used Latenode to handle the whole customer onboarding flow.
It watches ticket submissions, creates customer records in the right spots only, and blocks automatic role assignments to project directories. You can also add custom validation and notifications.
Way cleaner than manually configuring service desk settings. Saves tons of time and kills these weird edge cases.