Restrict Permission Available to Anonymous Users in Spaces
Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.
Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
As a Confluence Data Center administrator, you can make your site public so anonymous users can access it. However, the level of permissions an anonymous user will have is set in each space specifically by the space owner or site administrator.
Monitoring whether you have spaces with more permissions than necessary for anonymous users and revoking these accesses can be difficult. You may want to restrict the permissions a space owner sets for them to prevent unnecessary permissions from being assigned to unauthenticated users in your spaces.
Solution
As the site administrator, you can set HTML customization on your instance that allows you to restrict if Anonymous access permissions can be shown in the Space permissions for non-admin or all users, or even show only the view permission is available to be set using the following codes. To add these customizations, please go to Administration → General configuration → Custom HTML.
Be mindful that customizations are not part of our support scope as per Atlassian Support Offerings. Any effort provided to support issues related to customization will be on a best-effort basis by the support engineer.
These customizations don't affect previously granted permissions in your spaces. You can use the article below to find the spaces with Anonymous Access already enabled.
How to find various permissions on the Spaces which have anonymous access enabled with Database Queries.
Hide the Anonymous Access section from non-admin users
To hide the whole Anonymous Access section from the space permissions for the non-admin users, please set the following code in the At end of the BODY field.
<script type="text/javascript">
AJS.toInit(function(){
if (!AJS.params.isConfluenceAdmin) {
AJS.$('#aPermissionsTable').hide();
}
});
</script>
Hide the Anonymous Access section from all users
To hide the whole section from all users, including admins, include the following code in the At end of the BODY field.
<script type="text/javascript">
AJS.toInit(function(){
AJS.$('#aPermissionsTable').hide();
});
</script>
Hide all permissions other than View
If you want to allow space owners to make the space visible to anonymous users but restrict the permission available to be granted only to View, please set the following code in the At end of the BODY field.
<script type="text/javascript">
AJS.toInit(function () {
if (!AJS.params.isConfluenceAdmin){
AJS.$('#aPermissionsTable td button').hide();
AJS.$('#aPermissionsTable td.permissionCell').each(function () {
if (AJS.$(this).context.dataset.permission != 'viewspace') {
AJS.$(this).hide();
}
})
}
});
</script>