Hello @Joseph Chung Yin , thank you for your help. 
We use Basic Auth, with an API token and the main JIRA admin as login/password (which is me!). 

We cannot use the JSM portal as we want our customer to contact our support agents with a specific form on our web client dashboard. 

Is there a way or an authentication method that would allow our customers to post comment on their own JSM request, without showing as me (or the JIRA admin) as the author of the comments? 

I understand that at the moment, since we use Basic Auth, it is the Token owner that is the author of the comment we we use the Add Request Comment API. Any solution?

Thank you so much. 

@Julien Borrelli -

Unfortunately, Yes.  The PAT owner will be the author of the comments.  The only other thing I can think of is asking your customers to include his/her names/ID as part of the comments body.  So, you will at least knowing who made the actual comments.  However, it is not ideal.  

Sorry.

Best, Joseph

Thank you @Joseph Chung Yin for your answer and your support. 

So, beside Basic Auth, is there any other authentification method that we could use to have our Customers as the author of their comments? OAuth2 maybe?

Thank you again!

@Julien Borrelli -

If your customers uses his/her account to access your portal, then you can take a look at personal access token (PAT) to establish authentication against your JSM - https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/

Here is a previous posting that talk about using PAT with Jira REST APIs (just look for the Jira Cloud section) - https://community.atlassian.com/t5/Jira-questions/How-to-authenticate-to-Jira-REST-API/qaq-p/814987

Hope this helps.

Best, Joseph