Documentation for Confluence 5.5.
Documentation for Confluence Cloud and earlier versions of Confluence is available too.

Skip to end of metadata
Go to start of metadata

Every space has its own independent set of permissions. Space permissions can only be granted by a space administrator.

Permissions can be assigned to individual users, groups or anonymous users.

These are the permissions that can be assigned at the space level:

  • View: user can view this space's content, including the space's details, and its pages and news items (blog posts)
  • Pages:
    • Add – user may create and edit pages in this space.
    • Restrict – user may apply page-level restrictions.
    • Delete – user may delete pages in this space.
  • Blog:
    • Add – user may add and edit blog posts in this space.
    • Delete – user may delete blog posts in this space.
  • Comments:
    • Add – user may make comments in this space.
    • Delete – user may delete comments from this space.
  • Attachments:
    • Add – user may add attachments in this space.
    • Delete – user may delete attachments from this space.
  • Mail:
    • Delete – user may delete individual mail items.
  • Space:
    • Export – user may export content from this space via the space-level export screens. Note that this permission does not affect the exporting of a single page's content. Anyone who has permission to view the page also has permission to export its content.
    • Admin – user has administrative permissions over this space.

Notes

Warning: If you deny all administrative access to a space by mistake, so that nobody has access to administer the space any more, you will need to ask someone with Confluence Administrator global permission to restore the permissions for you.

59 Comments

  1. Anonymous

    I added some permissions on a space for individual user. Now this user is in a group so I do not need special permissions as individual. I wanted just to delete all them but this is not possible. Why can I not remove this user from individual permission list if once added?

    1. Hi,

      I think the user you are trying to remove has the space admin permission? If that is correct, you need to replace the user with another user or group that you want to grant the space admin permission. Just follow the steps documented here in order to assign space-admin permission to another user/group. You can only remove a particular space admin after assigning the space permission to another user/group. Otherwise you will get the error message "You are not allowed to remove all the Administration Permissions for this space."

      Hope that helps. If I have misunderstood your question and you require further assistance, please raise a support ticket to https://support.atlassian.com, so that your issue can be further investigated. Also provide the following:

      1. The exact error message that you receive when you try to remove the individual user from the permission list
      2. A copy of your Confluence log file located at <confluence-home>/logs/atlassian-confluence.log
      3. The system information page. You can obtain the page by accessing the http://<path-to-confluence>/500page.jsp
      4. Screenshots that illustrate the problem.

      Cheers
      JSashi

    2. In order to no longer see the user under 'Individual Users' you edit their permissions and 'deselect all'.  Once you save it their name will be removed from the list.

  2. Anonymous

    Is there any way to grant the permission to “delete your own stuff” (pages you have created) as opposed to the permission to delete any page in a particular space?

    1. Hi,

      Is there any way to grant the permission to “delete your own stuff” (pages you have created) as opposed to the permission to delete any page in a particular space?

      As far as I know, the feature request is not available yet. However, there is an improvement being raise on this issue:

      Please add your comments to the discussion, vote on it and add yourself as a watcher for future updates. Also, please bear in mind the following document on how we schedule features for inclusion in our products: Implementation of New Features and Improvements

      Hope that helps.
      Best rgds,
      Zed (smile)

  3. Hi,

    Are there any plans for adding a "View" permission to the News component, or allowing restricted access to individual News items for a given space's News?

    Our company is generally open when it comes to our projects, and most spaces can be accessed by any employee (including my current project's space).  We would like to use the News feature to post updates from our clients in the appropriate spaces, however, most of the time that info is highly confidential and needs to be restricted to a particular team.  Right now the only way we can do that is to lock down the entire space, which we're not huge fans of.

    Thank You,

    Adam

    1. Hi Adam,

      I am afraid that this is not currently possible.However, I have found a similar feature request. Please add yourself as a watcher, vote for this feature and add your own comments to this feature request. For further details on how we include new features and improvements, you might want to read this page

      Cheers
      JSashi

  4. Is there a way to redefine the default groups that are granted permission to any newly-created space? 

    For instance, I am using an LDAP group ("confusers") instead of the local group "confluence-users".  Every time a new space is created I have to add the group manually.

    1. Hi Roy,

      As far as I know the feature requested is not available yet. However, I found a feature request in JIRA:

      Please add your comments to the discussion, vote on it and add yourself as a watcher for future updates. Also, please bare in mind the following document on how we schedule features for inclusion in our products: Implementation of New Features and Improvements.

      Best rgds,
      ZEd

      1. Thanks Zed.  Voted.  4 votes in 3+ years doesn't bode well though, does it :-)

        I opened a ticket, and some source code modifications were suggested.  This pointer and some further research led me to:

        https://spaces.internet2.edu/display/InCAtlassian/Penn+State+University+Confluence+Notes+and+Source+Code+Modifications

        May give this a try at some point.

  5. At http://confluence.atlassian.com/display/DOC/Working+with+Spaces it is stated:

    Page permissions alone cannot keep the existence of a page secret. The page should be in a restricted space instead.

    Does this mean that you can hide the existence of pages from a specified group by placing them in a space which the group does not have view permissions?

  6. Anonymous

    Hi,

    I'm using Confluence OnDemand. A user (member of the standard confluence user group) reported that he cannot see any comments from other users. I could verify this behaviour. What do I have to change so that everyone can see all comments?

    Thanks in advance and best regards,

    Fabio

  7. I want to only show allow one group (let's call it Group A) access to view only one space (let's call it Space 1), and not be able view any other spaces. 

    I can't seem to find a way to do this.  Is there a way to do this?

      1. Define the global permissions to allow access to Group A
      2. Define the default permissions for new spaces to not include Group A
      3. Edit any existing space permissions to not include Group A
      4. Add Group A to Space 1

       

      This way they can log into confluence, but only see the space you want.  ANy new spaces will automatically eclude them

      1. Eddie -

        Thx for the quick reply.  I can do step 1, but I don't see how to complete steps 2 and 3?  There doesn't seem to be a way to "not" include a group in the Space Admin interface.

         

        1. See Configuring Default Space Permissions for configuring space permissions and defaults.

          If a group is not explicitly added, they are exclude

  8. Anonymous

    To REMOVE a group or a single user,
    simply tick off all checkboxes and save.

    After saving, the user or group will be gone.

     

  9. We use Confluence for a customer knowledge base. The Confuence pages are displayed in an iframe on a page of our password-protected customer website. We don't want users to have to log in a second time, so we grant anonymous view permission to all Confluence pages. It would be great if the Pages permissions were more granular, so we could let users print (export) pages without being able to add or remove them. Are there any plans to break out these permissions in an upcoming version?

  10. Hi there,

    How can I make a only a couple of confluence spaces or pages accessible with the rest locked out to a user via password? if this is even possible.

     

    1. Lillia, it is possible at the space level.  Just assign "anonymous" users "view" privileges in the Space Admin area for the spaces you want open.  FOr the restricted spaces make sure anonymous users do not have view, and assign that right only to the user(s) or group(s) you want to authorize.   

       

      At the page level is much more difficult depending on structure, but you can leave the space open, and apply page level restrictions to children pages, which will be inherited by all sub pages.

       

      SPACE
      |-- Open Pages
      |-----Open Child Pages
      |-- Restricted Pages
      \-----Restricted child pages 

      1. Anonymous

        I want to do something similar. I am responsible for one space in which we have blog posts which need to be restricted. So I set the default permission to restricted. But I would like the "welcome" page for the space to be open to anonymous viewing. Can I do this?

         

  11. Thanks Eddie!amper

  12. Anonymous

    It would be nice if the admin page had the ability to see if a user has access to a page.  We use AD to assign groups to pages.   Without knowing what group the users are in, I have to manually check each group for the user to see if they are assigned to that group.

     

    If you have a utility to check if a username could access that space and why/what group they're in to access, it would make life alot easier. Please add that functionality, should only take a few hours to program!

  13. Editing comments - can this be locked down to space admins and the author? At the moment it appears that anyone with add rights has edit rights, but given comments are not tracked (versioned) and "updated by" is not shown there is little accountablility for edited comments o.O

    1. Hrmmm - odd - we're seeing some weird stuff on our confluence install atm.

  14. Anonymous

    Is it possible to set default space permissions to allow Anonymous viewing and comment addition? 

  15. Anonymous

    Hii,

    I cannot give view permission to any users for spaces. 

     

  16. Do the "Remove" permissions allow a user to remove only their own comments, blogs, attachments, etc. or any of those in the space?

    1. Hallo Jeremy,

      The "Remove" permissions allow the user to remove all comments/pages/etc (respectively) – there is no permission setting that restricts a user to removing only their own content.

      Cheers, Sarah

  17. Hi..

    Is there a way we could give page editing permission but not page creation permission to a user?

    "Pages:

    • Add – user may create and edit pages in this space.
    • Edit- user may edit pages in this space"

    Thanks & Regards,

    Bhupesh

    1. I have been looking for this as well.  I'm pretty surprised not to find it.

  18. Using v. 5.0.1. We have a number of spaces that are accessed regularly by Anonymous users.  Is it possible to set restrictions so that a user who does a search within a space only sees results from that space (and no other spaces)?

    1. Hi Rich, 

      When a user searches in Confluence, they only see results for pages they have permission to view, so your anonymous users would see search results for all spaces that anonymous users have permissions to view. 

      If I'm reading your comment correctly you are wanting a way to confine users in a space to search only that space? You can do this using the Documentation theme - see the information here Search options when using the Documentation theme. I'm not aware of a way to do this in the Default theme. 

      Hope this helps, Rachel

  19. Just making sure there is no functionality to address this currently... When a user clicks on a link to a page that they do not have permissions for (that page, or even the whole space), is there a mechanism for them to either see who does have permissions and/or to click a link to "request access"?  We've got over 150 spaces in our environment and it is very difficult to figure out who to go to when hit with a permissions block.  Obviously, we can contact the Confluence admin, but that simply doesn't scale in our shop.  If it doesn't exist (my understanding), then any luck this is on the product roadmap?

    1. Hi Lester , the ability to request access to a page has recently been made available to OnDemand customers, and will ship with Confluence 5.3.    

      Did you know that you can also see the space administrators for a space if you are using Confluence 5.2?  Go to the spaces directory, and choose the Space Info icon, and the admins for that space will be listed. You could then contact them to ask for access. 

      1. That's awesome news – we can't wait!!  Thanks for the super fast reply.

      2. I assume this would only work for someone how has read access to the space? Otherwise the space would be hidden in the spaces directory, right?  (At least it was used to be in versions before 5)

        1. Yes good point, if you do not have view space permissions for the space it will not appear in the spaces directory and you would therefore not be able to lookup who the space administrators were.  There goes that great idea!

  20. Does creating attachments on a page depend on the add/edit permission? We use the Adaptavist forum plugin in our Confluence installation and frequently get complaints from users that want to comment on a page and add an attachment, but are prevented from doing so because editing of the page is restricted to its original creator.

    1. Hi Wolfgang, I have not used the Adaptavist forum plugin myself, so can't comment on how it works, but I can tell you how this would be handled by Confluence. 

      If a user has space permissions to View All, Add Comment and Add Attachment they will be able to comment on a page, add attachments in their comments, but not edit the actual content of the page. 

      If the page has a page restriction, for example Editing is restricted to a user or group, this overrides the space permissions - so the user will not be able to add an attachment to the comment.  They will still be able to add comments, but the page restriction locks down editing the page and adding attachments. 

      If your plugin works by restricting pages, rather than applying space permissions, I would say there is no way to prevent editing the page while still allowing attachments to be uploaded. 

      Hope this helps, Rachel. 

      1. Hi Rachel,

        Thanks for the detailled response. It wasn't obvious to us that being able to attach files on a page depends on the permission to edit this page. In our case, we have space permissions that allow to create pages and attachments, and page-level restrictions that restrict editing to the original creator. So this sounds like we should start to look for a different forum solution...

        Thanks, Wolfgang

  21. it is not obvious to me how to interpret "Add" in the space permission screen.

    Is "Add" privilege required to EDIT an existing page?  Or not?

    I have seen at least one case where a user was able to edit an existing page who did not have ADD permission.

    Please clarify in the documentation. Maybe more granularity (view / add /edit) would be desirable.

    This question also applies to blogs, comments and attachments.

  22. If a space permission blocks users from adding pages are they able to still edit pages in that space?

    Thanks

    1. That is correct, if you do not have 'Add' page permission you will not be able to edit a page in that space.

      1. as I said above, more granularity (view / add /edit) would be desirable. Specifically, provide separate adjustments for "Add" and "Edit" on the space level.

        The current situation of "Add" preventing to "Edit" is confusing, at minimum, and lack of desirable access control in some cases.

        1. Hi Hans-Peter, I understand your issue about having more granularity in space permissions, however at the moment there are no plans to change the way these permissions work. You can read a little more in this issue  CONF-26522 - Allow User Edit Permissions on a Page Without Granting them Add Permission Resolved

          1. What can we do to wake up "Won't fix" issues?  As I see it permissions is one of the worst issues in Confluence.  I find it odd because permissions like this are a solved problem in lots of other software.  Add/Edit/Delete permissions, plus granting as well as restricting permissions are a standard model for permissions.  I don't see why these things would complicate permissions too much in Confluence.  Then when you mark things as "Won't fix" I can't even vote for them to tell you I want these things, so you get the mistaken impression that no one cares about these issues.

  23. I have a space (Space A).  And I have a semi restricted group access to the Space (Group 1).  I would like to add individuals or a group (Group 2) to view only certain pages to to Space A but not all the pages.  How can I do this?

  24. Hi,

    I as admin can see all persons and groups with permissions in space. Is there a possibility for non-admins to see persons who have access to a particular space?

    We have this situation:

    a developer wants to share/send a link to some people, but he doesn´t know, if the have access.

    Is there a workaround or some functionality?

    Thanks!

  25. Can you let users edit a page and don't create pages but they need to edit in office

    Grtz

  26. Hello,

    I would like to know if it's possible to set some kinda global permission to all users which allows them to create spaces and become space admins of their own spaces but disallow them the option deleting their own spaces. I know it's a weird question, but I'm a SYS admin in a company where we use confluence and it happens from time to time that the space admins (space creators) delete accidentally their own spaces and afterwards the whole recovery procedure is a pain in the ass.

    Many thanks !

    Davuid

    1. Hi David, 

      This is not a weird question at all. Unfortunately I don't have good news... Delete space is not a permission in itself, it is one of the functions granted by the Space Admin permission.  This means that any user with Space Admin permission can delete a space.  You can remove a space creator's Admin permission (as long as there is one user or group granted that permission), but this would mean the user loses the other space admin functions, including look and feel, templates etc. 

      I'm interested to find out more about users accidentally deleting spaces. The Delete Space function isn't super discoverable in the default theme (it is a tab in the Space Tools > Overview page).  It is more obvious in the Documentation theme however (Space Admin > Delete Space). 

      Do you have a feel for what users were trying to do when they accidentally deleted their space?  Were they trying to delete one space and accidentally deleted another, or trying to delete a page?  Perhaps this is something we can improve in the UI. 

      1. Hello Rachel,

        Thanks for replying. Well, I understand very well the Admin permission policy within spaces.

        I'm looking for some kind of a workaround, to prevent them deleting spaces even if they're space owners (space admins), do you have any suggestions ? Perhaps there could be a option that just after the confirmation of the confluence admins the space can be really removed and confluence admins would receive a notification by email for example that XY space admin wants to delete the XY space. Until the confirmation of confluence admins the XY space would be unavailable (hidden) for the public but wouldn't be deleted.

        This option would be really awesome.


        David

  27. Hi,

    we run confluence 5.1.2

    In which we have a space which is shared between our customers, they have one page each with restrictions to prevent unintentional data sharing.

    however, they can still see if another customer has updated his page structure, or added a file. Thankfully they cannot see the contents, but they can still see the name of the page/file and the name of the user.

     

     

    is there a way to prevent this, or do we need to split them into separate spaces?

  28. Hi 

     

      How to prevent other user to create spaces? please help me

     

     

    Suraj

    1. You can turn off the ability to create spaces in the Global Permissions. 

  29. Hi all,

    Is there a way to share some pages out of a certain space with the world (so: partners, customers and the rest of the internet users) while keeping other pages allowed only for my company's employees?

    Thansk!

    1. Hi Ariel, this is one of the more tricky permissions scenarios.  What you can do is make the space accessible to the widest group (staff, partners, customers etc), and then restrict viewing of specific pages to just staff. 

      View restrictions are hierarchical, so you can restrict a parent page, and all pages under that page will inherit the restriction, so you should be able to organise the pages in your space in such a way that it makes it easy to manage the restricted and non restricted pages. 

      More about page restrictions here Page Restrictions

      1. thanks a lot for the prompt response;

        Our scenario is the following (works nicely, on another wiki platform): within our company, hundreds of employees (developers, implementers, etc.) write the internal wiki pages; Then, ~10 editors review the new/modified pages and decide what should be replicated also to our partners/customers and what should stay internal.

        Can you think of a confluence tool that would enable this scenario? even something (macro?) that would pop-up upon page save, and would remind the user "Please make sure to restrict access to this page to staff only"

        Thanks

         Ariel