Jira Service Management

Jira Service Management

Jira Service Management is an IT service management and customer support platform by Atlassian. Customer-facing portal widgets embedded on websites load scripts that authenticate users, render ticket forms, and track support request submissions.

Jira
Part of Jira
Back to Vendor Library

Overview

Jira Service Management (JSM), formerly Jira Service Desk, is Atlassian's IT service management (ITSM) and customer support platform. Organizations embed JSM portal widgets on their websites, internal help pages, and employee intranets to allow end users to submit tickets, search knowledge base articles, and track request status without navigating to the full Atlassian portal. The widget provides a self-contained support interface tightly integrated with the organization's Jira project workflows.

What This Script Does

Portal Widget Loading

  • Loads the JSM portal embed from <organization>.atlassian.net/servicedesk/... endpoints
  • Widget JavaScript is served from Atlassian's CDN at jsd-widget.atlassian.com (the Jira Service Desk widget script)
  • Script file: https://jsd-widget.atlassian.com/assets/... bootstraps the widget iframe

Core Functionality

  • Renders a support intake interface: request type selection, form field inputs, file attachment upload
  • Provides in-widget knowledge base search against articles published in the connected JSM project
  • Displays the user's open and resolved requests when authenticated
  • Submits ticket data directly to the organization's *.atlassian.net project queue

Cookies and Sessions

  • atlassian.xsrf.token — CSRF protection token, first-party (on atlassian.net), session
  • tenant.session.token — authenticated Atlassian account session, first-party within the iframe context, session/persistent depending on "Stay signed in" setting
  • ajs_user_id — Atlassian analytics identifier for logged-in users, persistent
  • ajs_anonymous_id — anonymous visitor identifier for Atlassian's product analytics (Amplitude), persistent, ~1 year; tracks widget interactions for Atlassian's own product improvement purposes
  • Form state may be preserved in sessionStorage within the widget iframe

Data Collected

  • Form field inputs submitted by the user (name, email, issue description, custom fields)
  • File attachments uploaded as part of the ticket
  • Session identifiers for request status tracking
  • Widget interaction events (opens, searches, form abandonment) sent to Atlassian's analytics pipeline

CDN and API Domains

  • jsd-widget.atlassian.com — widget bootstrap script
  • <org>.atlassian.net — ticket submission and data storage
  • analytics.atlassian.com — Atlassian product analytics

Consent & Compliance

Consent category: Functional

JSM portal widgets are functional support tools. Under GDPR Article 6(1)(b), processing user data to fulfill a support request is covered by contractual necessity or pre-contractual measures. Under the ePrivacy Directive, session and CSRF cookies necessary for secure ticket submission are strictly necessary and exempt from consent. The ajs_anonymous_id cookie used for Atlassian's own product analytics is more nuanced — it is set for Atlassian's benefit rather than the user's immediate need, and a strict interpretation could require consent for it. Atlassian is headquartered in Australia (with US operations) and participates in the EU-US Data Privacy Framework. Under CCPA, support ticket data is collected in a direct service interaction and does not constitute a sale of personal information.

Should You Block This Without Consent?

No. JSM widgets enable user-initiated support interactions. Their primary cookies serve session management and CSRF protection for the ticket submission flow. Blocking the widget would prevent users from accessing support functionality entirely.

Visit website

Consent Categories

Functional

Also Known As

Jira Service ManagementJSM widgetAtlassian helpdeskJira support portalJSM cookiesAtlassian tracking

Industries

Programming and Developer SoftwareComputers Electronics and Technology

Frequently Asked Questions

Does the Jira Service Management portal widget require visitor consent?

No. The JSM widget enables user-initiated support ticket submissions. Session and CSRF cookies are strictly necessary for the secure submission flow and are exempt from consent. The ajs_anonymous_id analytics cookie used by Atlassian internally is a nuance, but the primary widget function does not require a consent gate.

What does the Jira Service Management widget load and collect?

The widget bootstraps from jsd-widget.atlassian.com and loads inside an iframe pointing to your organization's atlassian.net portal. It sets a CSRF token, tenant session cookie, and ajs_anonymous_id (persistent Atlassian analytics ID). Form responses including name, email, issue details, and attachments are submitted to your Jira project queue.

How does ConsentStack classify Jira Service Management?

ConsentStack classifies JSM as functional and allows the widget to load without a consent gate. It appears in your ConsentStack vendor inventory so visitors can see it in your privacy notice. If your organization also uses other Atlassian tools with marketing tracking, those are evaluated separately as distinct vendors.

Related Vendors

Google Maps
Google Maps
Google Maps is the dominant web mapping service used for embedded maps and location features on websites. Scripts load interactive map tiles, geocoding, and Places API functionality through the Maps JavaScript API. May set cookies to remember map preferences and manage API quota.
Google Search
Google Search
Google Search appears on websites through the Programmable Search Engine, enabling custom site-specific search functionality. Scripts load the search widget from Google's servers to render search bars and display results within the host website. Sends search queries to Google's index and may set cookies for search personalization and query history.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Apple Maps JS
Apple Maps JS
Apple Maps JS is Apple's JavaScript mapping framework for embedding interactive maps on websites. Scripts load map tiles, location pins, and routing data from Apple's MapKit servers to render navigable maps within web pages. Requires a MapKit JS token for authentication but does not set tracking cookies or collect behavioral analytics data.
Apple Business Chat
Apple Business Chat
Apple Business Chat enables direct customer messaging between websites and Apple's Messages app. Scripts load chat buttons and conversation interfaces that connect visitors to business support agents through iMessage. Sets minimal session cookies to maintain conversation context but does not track browsing behavior or collect analytics data.

Manage consent for Jira Service Management

ConsentStack automatically detects and manages Jira Service Management trackers so your site stays compliant with global privacy regulations.

Get started free