Hi @Angélica Luz ,

Moving further with this, I have now created a classic projects and also setup a separate project for each vendor so it is easier to manage the tickets. 

Now, one of the vendor has come back to us recently and requested the following,

1. Portal access to view all the issues we have been looking after for their customer on their behalf.

2. Raise a request directly from the portal if customers contacts them directly.

3. Reporting access to see how many issues we have resolved etc.

4. Add internal comments only in the issue for our team if customers have contacted them directly.

Questions,

1. Do I need to buy a service desk license to achieve all 4 above?

2. We have setup some custom fields for our internal team to update which we do not want this particular vendor to see it. How do we restrict their access to limited fields when they are viewing those issues?

Thanks

Dean

This is quite urgent, can you please come back to me asap?

Hi Dean,

When you have a service desk project, automatically it will have a customer portal for them to create tickets.

1 - If this vendor is a customer, they will be able to see only the tickets they created and also tickets where they are a participant or if it's shared with the organization. They won't be able to see all the tickets in the project unless it's shared with them.

2 - As a customer, if they have access only to the customer portal, they can't create tickets on behalf of other customers, they will have to create the ticket and share with the customer.

3 - As a customer, they can't see reports, this is available only for licensed users (agents).

4 - Internal comments are restricted to agents, customers don't have this option on the customer portal.

About your questions:

1 - You already have a service desk, if you receive an error adding the default group to this vendor, then you will have to contact our customer advocates to check your license.

2 - If you give this vendor a license and add them to the project, they will see all the fields, it's not possible to restrict that.

Regards,
Angélica

I have tried the customer option but the limitation with that is they can change the view of the columns for the tickets logged by them and the search functionality is not great either.

I was hoping to add them as a licensed user (agent) but then restrict their permissions for the project and restrict the fields they see using the issue security. Is that not possible?

Is there any update Angelica?

The issue security will protect the issues only, for example, when there are many tickets in a project and you need to share only one ticket with a specific person, or some tickets contain sensitive information about some user and only administrators may have access, so you can restrict it to groups. 
So, if this vendor checks some ticket they will be able to see all the fields that were added to that project or ticket.

So there is no third-party plugin available for cloud which provide a field security schemes?

Hello Dean,

Currently, there is no marketplace app for field security schemes within Jira cloud. Here is a preset search for Atlassian Marketplace | Field Security for Jira Service Desk Cloud.

Regards,
Stephen Sifers