Documentation for Confluence 5.4.
Documentation for Confluence OnDemand and earlier versions of Confluence is available too.

Skip to end of metadata
Go to start of metadata

You can assign space permissions to groups or to individual users. You need to be a space administrator to assign space permissions. In addition, Confluence administrators can set the default permissions that will be applied to new spaces as described below.

To access the permissions for a space:

  1. Go to the space and choose Space tools > Permissions on the sidebar.
  2. Choose Edit Permissions.

If your space is using the Documentation theme:

  1. Go to the 'Space Permissions' page:

    • Choose Browse > Space Admin at the top of the screen.
      Note: The 'Space Admin' option appears only if you are a space administrator for the space or you are a super user (a member of the confluence-administrators group).
    • Choose Permissions from the space administration options.
  2. Choose Edit Permissions.

The 'Edit Space Permissions' page is divided into the following sections:

  • Groups – a list of groups which already have permissions to access the site.
  • Individual Users – a list of users who already have permissions to access the site.
  • Anonymous Access – the space permissions granted to all anonymous users of the site.

On this page:

Related pages:


Screenshot : Space permissions


Assigning space permissions to groups

  • To assign a permission, check the box next to the relevant group.
  • To deny a permission, uncheck the relevant box.
  • To add a new group to the list, type the group name into the text box in the 'Groups' section and choose Add. The group will appear in the list of groups. You can then assign the permissions.
  • To search for a group:
    • Choose the  icon.
    • The Group Search window opens. Enter all or part of the group name. You can use an asterisk '*' as a wild card.
    • Check the boxes to select the required group(s).
    • Choose Select Groups. The group name(s) will appear in the text box in the 'Groups' section.
    • Choose Add.
  • To bulk assign or revoke group member permissions, choose either Select All or Deselect All from the Actions dropdown list.

Choose Save All to apply the changes.

Assigning space permissions to users

  • To assign a permission, check the box next to the relevant user.
  • To deny a permission, uncheck the relevant box.
  • To add a new user to the list, type the username into the text box in the 'Individual Users' section and choose Add. The user will appear in the list of users, with 'View' permission assigned. You can then add more permissions if necessary.
  • To search for a user:
    • Choose the Magnifying glass icon.
    • The User Search window opens. You can read more about searching for users.
    • Check the boxes to select the required user(s).
    • Choose Select User(s). The username(s) will appear in the text box in the 'Individual Users' section.
    • Choose Add.
  • To bulk assign or revoke individual user permissions, choose either Select All or Deselect All from the Actions dropdown list.

Choose Save All to apply the changes.

Assigning space permissions to anonymous users

  • To assign a permission, check the box for the required permission.
  • To deny a permission, uncheck the relevant box.
  • To bulk assign or revoke anonymous user permissions, choose either Select All or Deselect All from the Actions dropdown list.

Choose Save All to apply the changes.

Note: You cannot grant space administration rights or page restriction rights to anonymous users.

Setting default space permissions

If you are a Confluence Administrator, you can set the default permissions that will be applied to new spaces. The default permissions are configurable for groups only, not for individual users or anonymous users.

To set the default space permissions:

  1. Choose the cog icon  at top right of the screen, then choose Confluence Admin.
  2. Choose Space Permissions under Security in the sidebar.
  3. Choose Edit Permissions.

Screenshot: Default space permissions


Managing and Recovering Space Admin Permissions

Users with System Administrator permissions are able to manage permissions for spaces, including adding or removing Space Admin permissions for a space.

To manage space permissions:

  1. Choose the cog icon  at top right of the screen, then choose Confluence Admin.
  2. Choose Space Permissions under Users & Security in the sidebar.
  3. Locate the space in the Individual Spaces list and choose Manage Permissions.

There may be some instances where a space administrator has removed Space Admin permissions from all other users and groups for a space, meaning that no other user can administer the space. Users with Confluence Administrator permissions can recover permissions for the space in this instance. 

To recover Space Admin permissions:

  1. Choose the cog icon  at top right of the screen, then choose Confluence Admin.
  2. Choose Space Permissions under Users & Security in the sidebar.
  3. Locate the space in the Individual Spaces list and choose Recover Permissions.

The user will then be able to choose Manage Permissions, and add any appropriate permissions to the space. Requests to recover permissions are recorded in the Confluence log files. 

Notes

Assigning permissions in bulk. There is no way to change a number of space permissions at once, via the Confluence user interface. Instead, take a look at the Confluence Command Line Interface. Here is a link to the CLI documentation. For an introduction to the CLI, see this blog post: Confluence CLI for bulk actions like deleting or publishing pages.

63 Comments

  1. Is it possible to assign space permissions in bulk? We have upwards of 30 spaces in our Confluence installation, and it's a real pain to have to go into each one and assign the same user and permissions. Thanks.

    1. Hi Gabe,

      You might want to give the Confluence Command Line Interface a try. Hope that could be of some assistance.

      Cheers,
      Azwandi

      1. Anonymous

        A lifesaver! FANTASTIC! This will really help. Thanks very much! (smile)

        1. (Oops... Forgot to log in. That last post was from me.) Thanks again.

  2. When giving someone Admin permissions, does one need to check all of the boxes or are "View" and "Admin" good enough? I know you can remove all permissions by simply deselecting "View". Not sure if that goes the other way; at least, the boxes don't all magically fill in.

    Thanks.

    1. Hi Peter,

      When you check the "Admin" boxes for giving someone admin permission, the user will have administrative permission over the space and can perform almost anything in the space regardless of other setting. Refer here for more information on what can a space administrator do?

      Cheers,
      Komathi

  3. Anonymous

    Hi,

    Is there any way to add anonymous access to space using command line interface

    1. Hi,

      As far as I know, you might be able to do that by using the remote APIs provided by Confluence. The following method might be what you are looking for:

      Alternatively, you might want to try the Confluence Command Line Interface tool:

      http://confluence.atlassian.com/display/CONFEXT/Confluence+Command+Line+Interface

      Please be noted that the tool is not supported by Atlassian.

      Hope that helps.

      Best rgds,
      zed

  4. Hi,

    Do you know if there is a limit to how many users can be added as individuals to a space? Apart from the limitation in patience maintaining the list that is (wink) .

    Thanks

    Alison

    1. Hi Alisson,

      As far as I am concerned, there is no limitation on the number of individual permission that can be set in a space.

      Just to test this out, I was able to add around 300 individual permissions to a space without problems.

      Best rgds,
      Zed

      1. Anonymous

        Hi Zed,

        We have created a group in a space and we are trying to add users to that group.

        It looks like there is a limitation of 20 users we can add to the group. We wanted to add around 300 users to this group.

        Is there any settings that we need to change for this?

        Best Regards,

        jabir

  5. Hi. Is it possible to allow an individual user or group permission to a page within a space where they don't have any permission? i.e. the opposite of individual page restrictions?

    1. Hi,

      I am sorry it is not possible. If you have set the space to not allow some users then the users should not be able to see any pages inside the space.

  6. Anonymous

    So if a space administrator goes on vacation, you are essentially locked out from changing permissions on that space ... even as a System Administrator?

    1. Hi,

      So if a space administrator goes on vacation, you are essentially locked out from changing permissions on that space ... even as a System Administrator?

      As far as I know, the System Administrator will able to access the space permission as stated in this page:

      Hope that helps.
      Best rgds,
      Zed

      1. Anonymous

        Yeah, you will see they say "Space permissions can only be granted by a space administrator. A space administrator has permission to do anything in the space regardless of any other setting."

        Later the document says "If you deny all administrative access to a space by mistake, so that nobody has access to administer the space any more, you will need to ask someone in the confluence-administrators group to fix the permissions for you.", but it doesn't explain how. I certainly can't find any way to fix them, I would think a "System Administrator" would be able to change any "Space Permissions". I'm guessing whoever wrote the documentation assumed the same thing I did, but didn't check.

        1. Hi,

          In order to fix the problem, log in as anyone in the confluence-administrators group and follow the above section To assign space permissions to users. Give the admin privilege to the user selected.

          Hope that helps.

          Cheers
          JSashi

          1. Anonymous

            You can't reach the space admin or space permissions screen as a confluence admin.  The procedure doesn't work.   Is there an alternative way to reset permissions on a space?

  7. Anonymous

    Hi,

    As a confluence administrator can I restrict a space administrator from creating more than 1 space?

    Thanks.

    1. Hello there,

      A Space Administrator will not be able to create a global space unless he has the "Create Space (s)" permission in the Global Permissions. On a related note, there is no way to limit the count of the space creation for a user who has the "Create Space (s)" permission.

      Hope that helps,
      Azwandi

  8. Hi, is there a way to remove an individual user from the permissions tab? For example, an individual user was granted access before. Later as he/she left we wanted to remove his/her name from the "individual users" section completely. I know we can uncheck his/her "view" access or uncheck all access to prevent further usage, but it's better to no longer show this user at all. Anyone can help? Thanks.

    1. Hi Qian Zhao,

      Hi, is there a way to remove an individual user from the permissions tab? For example, an individual user was granted access before. Later as he/she left we wanted to remove his/her name from the "individual users" section completely. I know we can uncheck his/her "view" access or uncheck all access to prevent further usage, but it's better to no longer show this user at all. Anyone can help? Thanks.

      I strongly recommend you to disable the user rather then removing the user, this is because you will not be able to remove the particular user who has created a content, page,comment and etc at your instance. However, if you still insists to delete the user you might want to refer to this documentation:

      NOTE: Please backup your database and your home directory before you proceed the above recommendation.

      Hope that helps.
      Best rgds,
      Zed (smile)

      1. Hmm. I find it fairly bizarre that I can't remove the user from the permissions structure. I don't want to remove the user from Confluence entirely, only from the permissions setup. There seems to be no option for that.

        Also, now that I've redundantly added this user (they are already in a group with the same permissions!), which takes precedence, the group permission setting or the individual permission setting?

        1. I recently found out if you uncheck everything in the individual user permission for that specific user, he/she will be removed from the permission setup.

          As for your second question, I'm curious too.

        2. I think Zed misunderstood your question, thinking that you wanted to actually remove the user from the system. In fact, as Qian say, if you remove all that user's individual space permissions they will stop showing up in the permission structure.

          For your second question, it doesn't matter.  Space permissions add together.  So if they have a permission both individually and as part of a group then they have that permission. If they have it only individually or only as part of a group then they have that permission.  You can't use the space permissions screen to explicitly remove permissions from a user who inherently has that permission as part of a group.

          1. So what happens if a user is member of a group that has a permission but that user is individually denied that permission? Would that user have or NOT have that permission?

            Example: User is a member of GroupA that has Add Attachment granted, but the user is identified as an individual that does not have Add Attachment. Can the user add attachments or would they not be able to add attachments?

  9. Hi
    Permissions management in Confluence is rather limited when it comes to implemenation within the organizations.
    In our case we have many teams and groups that need permissions to specific pages in a space.
    If I set the permissions on a space to LDAP Group 'GroupA' and now need to assign read/write permissions on selected page(s) within the space to 'GroupB', I need to grant 'GroupB' permissions on the entire space and then restric all other pages to 'GroupA' only.

    Is there an intention in Attlassian to fix this architucture and to allow the same structure that exists in Window.?

    1. Hi, 

      I am actually looking for exactly the same functionality. If you have a space full of pages that you only want to share on a "need to know" basis, then I don't see a workable solution in Confluence. Did you arrive at a solution in the mean time?

      Thank you,

      Alex

      1. This is discussed on  CONF-7089 - create the ability to 'add' page permissions for users and groups Open

  10. I don't believe the following statement which appears above on the page is correct:

    "Differences in Confluence Hosted
    If you are using Confluence Hosted, anonymous visitors cannot access your site. Read more about the [feature limitations in Confluence Hosted]."

    We are using Confluence Hosted on a month-to-month subscription and anonymous visitors do have access, which is what we expect.  Could someone from Atlassian please verify?  I searched on Support issues, knowledgebase, etc. and didn't find anything else about it.

    Thanks,

    Gina

    1. Hi Gina,

      I am not sure where I can find this statement, would you mind pointing us to the page? I would not be surprised if there is such a reference, as our previous hosted version was a shared instance and this permission setting was imposed on it. We will amend the page accordingly.

      The current hosted version is no longer a shared instance, and therefore, subscribers are given full access to the instance. In general, you should be able to allow/disallow anonymous users from accessing your hosted instance.

      Cheers,
      Azwandi

      1. Hi Azwandi,

        Check out the page history for this page from this week:

        [Giles Gaskell Atlassian Technical Writer|http://confluence.atlassian.com/display/~ggaskell]:
        Removed reference to Confluence Hosted for Small Business due to its service termination.

        I was so impressed that someone is monitoring these comments and correcting the docs right away, that I told everyone involved in our wiki pilot. 

        Gina

        1. Hi Gina. Thanks for pointing that out. Credits to Giles for getting into this real quick. Anyway, I hope that the wiki pilot will turn out to be successful!

  11. Hi,

    Is there a way to assign a group to have permission to all spaces as default?

    I want to create a group who can view all pages and content without having the rights to view the admin console.

    Thanks

    1. Hi Tanya,

      This might not be a timely response.

      The only way I can think of is including those users to confluence-users group. Then when you create a Space, leave the default settings for the permission which is Registered Users (confluence-users group). You will need to check your Global Permissions to ensure that confluence-users group does not have permission to access Administration Console.

      I have also found an improvement request here pertaining to your requirement.
      Please feel free to add yourself as a watcher, vote for this improvement and add your own comments to this request. For further details on how we include new features and improvements, you might want to read this page.

      Hope this helps (smile)

      Cheers,
      Husein

  12. Anonymous

    Hi,

    Our one of requirement is to get a tab sheet/style look and feel for all major/top-level folders. We achieved this by adding composition plug-in.

    Now we need to know whether "it is possible to restrict viewing/displaying the tab based on the access privilege”. I searched atlassian site for this but i didn’t find solution. Can you please help me?

    1. I am not entirely sure of your requirements, however, may I know if you are aware of Page Restrictions? This feature provides View and Edit restriction for a page and its children, allowing you to select who can view and edit the page.

  13. Anonymous

    Is there any kind of access right, which limits/denies the adding of "Individual Users"?

    My "Space Admin" page doesen't looks like this after pressing the "Edit Permissions" button.

    The "Grant browse permission to"- input field is missing.

    Regards,

                 Boris

    1. Hi Boris,

      You should be able to see the "Grant browse permission to"- input field if you are a space admin. I would highly suggest you to raise a support ticket to https://support.atlassian.com, so that your issue can be further investigated. Also provide the following:

      1. Attach a copy of your Support Utility zip file which can be created via Administration > Support utility > Create Support Zip. If you are using Confluence version below 3.1, please provide us:
        • A copy of your Confluence log file located at <confluence-home>/logs/atlassian-confluence.log
        • The system information page. You can obtain the page by accessing the http://<path-to-confluence>/500page.jsp
      2. Full browser screenshots that illustrate the problem.

      Cheers
      JSashi

  14. One of the issues affecting adoption within our group is a concern that Confluence Administrators will be able to see private pages (HR, CEO's stuff, etc.). Is there a way to restrict viewing from everyone including the Confluence Administrator. How are other organizations handling this?

    1. Hi Patrick,

      There is a discussion on this matter in the following improvement request:

      I am afraid that confluence-administrators group have a special privileged and current we cannot remove those privilege. I would suggest you to move the user in Confluence-administrator groups to another group and make sure that the groups has the Administrator permission in global permission.

      Hope that helps.
      Cheers,
      Zed

  15. Anonymous

    Hello there,

    Is is possible to change the default space permissions? I want to make sure all users can remove attachments, and it takes too much time to administer the space settings everytime one is created.

    Many thanks

    Sabrina

  16. Anonymous

    How this is affected when you manage user with CROWD? Do I need to do some special configuration to the groups.

    I want to keep the group confluence-users for those users with access to all spaces.

    then I want to create individual groups with limited access to specific spaces. When I do that, I notice that the access if totally denied.

    What do I  need to do in order to accomplish that with Crowd and Conflunce?

    "What you need to do, is create your different groups and put in the relevant users. You will then setup the group permissions for each space in Confluence." - How this work with Crowd?

  17. Anonymous

    Hello there,

    is it possible to prevent confluence admin visiting my personal space? I known there is no option in the 'Space Permissions', but exist some hack or so to do that.

    Thanks

    Alex

  18. If a person is in two groups A and B, and each group is given different permission sets A' and   B' on a space, is the permission set applied for that person A' && B' or A' || B' ?

  19. Hi all,

    Where I work I'm a Space Admin for two wikis.  Recently a user changed their name, so requested a new login to suit.  That was done and I was then asked to go in and re-add her to specfic restricted pages.  I was under the impression from the Confluence documentation that a Space Admin can do this, but when I get to the page it says that "You Cannot View This Page" and I see no way to alter the page level permissions for either the user or myself (aside from removing the restrictions on the Restricted Pages under the Space Admin menu). 

  20. A user was granted customized space permissions as of now. I would like to remove those customizations and make him inherit default space permissions. How can we do this?

    i.e. After adding a user to create custom space permissions at individual user level, How can we remove that user row with customized space permission listing?

  21. Anonymous

    hi all

    I'm admin and I have all Permissions but I get the following error message when I import Word-Document into Confluence.

    Error Message:   "You don't have permission to edit this page"

    Can anyone please help me?

    Thanks

    Jasi

  22. Anonymous

    Hi All

     

    Is it possible to assign a group to see only the space they are assigned to access  rather than they see all the spaces when they login?

     

    Thanks

  23. Beware, being a super user really means being a member of confluence-administrators, it is not sufficient to be a System-Administrator. See my comment in the Users and Groups page...

  24. Anonymous

    Am I a second person who needs the answer on this question?

    "Is it possible to assign a group to see only the space they are assigned to access rather than they see all the spaces when they login?"

     

    Please, if you know the answer - let me know,

    Thanks

    1. Yes, you can restrict users to a single space.

      I set this up for my outsourced help desk.

      Members of my help desk group (3p-helpdesk) are not part of any other security groups (so they don't inadvertently end up with "View All" permission in the wrong spaces as part of "confluence-users" or some other default group)

      3p-helpdesk has the following permissions:

      Global Permissions: Can Use

      "3P Help Desk" Space Permissions: View All

      They can see a very limited standard dashboard (instead of my custom landing page) with only activity from their "3P Help Desk" space.

      Just make sure you remove them from any other groups, and you won't have to worry about them inheriting additional permissions.

  25. In a space, if a user is already a part of a group, can you set space permissions by adding them as an individual user?

    1. Hallo Jessica

      Yes, you can. Note that you can't reduce their level of permissions by adding them as individual user. The user will get the most powerful permission, whether it's granted via the group or via the individual permission.

      For example, assuming 'jsmith' is part of the 'reviewers' group:

      • If the 'reviewers' group has 'Create Page' permission in the space, then 'jsmith' will have that permission even if it's not assigned to him personally.
      • If 'jsmith' has 'Delete Page' permission in the space, but the 'reviewers' group does not, then 'jsmith' will still have that permission.
  26. Anonymous

    Is there a way to limit access to Administrator of the whole OnDemand account 

    (and not allow him to re-enable it) to a specific spaces or pages? This would be useful for my HR and Contract related spaces etc. ?

  27. I am assigning read-only access to a group (I even gave read-only access to anonymous), but when that user (or a non-logged-in user) tries to view a page in the space, they see "You are not permitted to perform this operation." If I give that same user more permissions (add/edit,etc.) then they can see and edit the space as expected. The pages are on an internal site so I can't give you a usable URL to test it for yourself, but trust me, if View is the only permission, the user cannot in fact view the space. Any ideas?

    1. Anonymous

      To solve that you have to add the user or the group of the space to the Global Permissions without any additional rights.

  28. Anonymous

    • Choose Browse > Space Admin at the top of the screen. 
      Note: The 'Space Admin' option appears only if you are a space administrator for the space or you are a super user (a member of the confluence-administrators group).

    I am administrator but the Browse menu isn't there.  Is there another way to get to it?

  29. Hi,

    I have created 2 spaces:

    • a space dedicated (space A) for a team (Team A) for external people (provider)
    • a space dedicated(space B) for a 2nd team (Team B) with anonymous access granted for all internal of my company.

    I want to restrict to Team A  the access to space B because  Team A is a provider.

    I customize access for space B (disable access for team A) but Team A can still access to space B.

    Anonymous access granted access to TEAM A to space B despite restriction for Team A.

    Someone can help me to my twisted case? (wink)

     

    Thanks a lot

  30. I am wondering if there is a way to restrict a confluence-administrator (I created a separate admin group and assigned them confluence admin privileges but not sys admin rights) so that they can do everything but administer ONE space?

     

    I would like the staff member to be able to admin user management and all other spaces.

     

    Thanks!

    1. Hi Debbie, 

      This is possible using space permissions, but with one limitation. First off, you would need to make sure your administrator is not a member of any other group that has permissions to see the space you want to restrict (for example the default group confluence-users), and that they do not have the System Administrator global permission.

      The limitation comes from the fact that users with Confluence Administrator global permission can recover permissions for spaces in Confluence Admin > Space Permissions (shown below). This is to make sure that spaces are always recoverable if restricted to a user who leaves the organisation for example. 

      So in day to day terms, your administrator would not be able to see or access the space, but could purposefully recover permissions for the space.

      Another option would be to place a page restriction on the home page of the space, and specify only the users and groups that should be granted permission to view the page.  This restriction would be inherited by all child pages in the space.  Page restrictions override any space permissions. 

      Hope this helps. 

      1. Thanks for that information. I have put restrictions on the home page for users but as a confluence administrator, the person I'd like to exclude from the space would still be able to access it, it seems.

        The only thing I can think of doing is removing them from being a confluence administrator completely.

        1. That is the only way to ensure no access at all to the restricted content.