Technicalsupport

@Yuri, we're all aware of the workaround that involves turning off attachment download authentication - it's how we've been limping along this entire time.  Not to be rude, but what is gained by having the attachment links appear in two places in JIRA?

Christine's original request from 2014 (and everyone else's in this thread) is that attachments actually be transferred in whole to JIRA so that no connection to Zendesk is necessary to open the attachments in JIRA.

Why would this be important?  Glad you asked.  HIPPA, PCI, etc. require secured information.  Let's say one attachment includes a screen shot with a credit card or social security number on it.  Leaving the attachments publically accessible is a clear security violation, even if the links to the attachments are not easily guessed (obfuscation is not the same as security.)  So, if you don't want your attachments available for public download, then you have to keep authentication enabled.  If you have authentication enabled then non-Zendesk users (such as developers who only use JIRA) cannot access them... UNLESS THE FILES ARE ACTUALLY IMPORTED INTO JIRA AS ACTUAL ATTACHMENTS!

@Yuri, I just created a new Zendesk ticket with an attachment and then linked it to a newly created JIRA issue.  A link to the attachment appeared in all locations as before.  Clicking on any of the links takes the user to Zendesk and requires a login (or does not if you have authentication on attachments disabled).  I am not sure how this is different other than that now new attachments on comments are also shown as links in JIRA, which is nice, but not what is needed most.

The real request is that files are transferred to JIRA so that they become actual file attachments that are not dependent on Zendesk access.  As it is, our developers have no Zendesk account, so we are still in a vulnerable state where we must turn off authentication for Zendesk files or we have to manually copy files over to JIRA.

Sure, the start of this thread was about transferring attachments, which would be preferable, but the option to not require authentication could be considered a viable alternative and that's something that actual support (not in this thread) did not suggest that Andre did.

Andre, you're a life saver!  That's perfect - one checkbox does the job.  Now why in the would couldn't Zendesk support tell me that!?