Cloud
Data Center 9.3
Versions

Anonymous Access to Remote API

Configuring Confluence Security

On this page

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

XML-RPC and SOAP remote APIs were deprecated in Confluence 5.5 and are disabled by default. They can be enabled, but we recommend using the fully supported Confluence Server REST API wherever possible.

Administrators may wish to disable anonymous access to the Confluence remote API (XML-RPC and SOAP APIs) to make it harder for malicious users to write 'bots' that perform bulk changes to the site.

To disable anonymous access to the remote API:

  1. Select Administration menu , then select General Configuration
  2. Select Security Configuration in the left-hand panel. The Security Configuration screen will appear.
  3. Select Edit.
  4. Clear the Anonymous Access to Remote API checkbox.
  5. Select Save.

Notes

This page is about access to the remote API. If you are looking for information about preventing anonymous users from accessing Confluence, see Global Permissions Overview.

Last modified on Dec 10, 2024

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.