'Portal Customers' get access to the customer portal, they can always create if given access.

'Internal Customers' or users would need a JIRA license in order to see anything and comment on internal Projects. Unless you want a public facing project (see Atlassian JIRA for example), but again can't limit creating issues. 

Thanks for the response.  Just to clarify, when you state "they would still be the ticket's reporter," do you mean the agents or the customers? I'm assuming you mean the customers.

Perhaps I should ask the question a different way.  Given that removing the create permission is problematic, is there any way to hide the create request function from portal customers? 

There is an option to hide the request type indeed, but it will not solve your problem:

When you hide a request type from the portal, it will no longer show on the Requests overview page either.

Could you explain what you are trying to achieve here or why you would want your customers to add things, but not create issues? I am wondering what problem you are trying to solve here.

I have a mandate that only Service Desk Agents are allowed to create requests in JIRA Service Desk.  (I did not create the mandate. I've been assigned the task of making it happen).  After the request is created by the SD agent, the portal customer can add comments to the request record in the system. 

I already explored the option of hiding all the request types on the portal home, but the problem with that approach is that it appears to be global, so our agents wouldn't be able to see them either.

I'm getting a sense that Service Desk just won't accommodate this scenario.