For Confluence administrators, grouping users in Confluence is a great way to cut down the work required when managing permissions and restrictions. Groups are also very useful, however, to anyone who's a space admin, or can apply page restrictions. 

If you're a space admin, you can assign a set of space permissions to a group rather than to each individual user. And as a page creator with 'Add/Delete Restrictions' permission, you can also add and remove page restrictions for groups.

Default Confluence groups

There are some default groups in every Confluence instance but, beyond that, Confluence administrators are free to set up and edit groups in any way they see fit.

On this page:

Related Pages:

The two special groups in Confluence are:

  • confluence-administrators  – Can perform most of the Confluence administrative functions, like assign permissions to other users, but they can't perform any functions that could compromise the security of the Confluence system. They can also access the Confluence Admin console.
  • confluence-users - this is the default group into which all new users are assigned. Permissions defined for this group will be assigned to all new Confluence users.

 

 

Anonymous Users

All users who don't log in when they access Confluence are know as 'anonymous' users. By default, anonymous users don't have access to view or change any content in your Confluence instance, but Confluence admins can assign permissions to this group if it's required.

Overlapping group and user permissions

When a user is assigned more than one permission, the more powerful permission will prevail.

Further explanation:

  • A user may be assigned a permission specifically to their username. They may also be assigned a permission by belonging to a group, or even several groups.
  • The user will then be able to perform all functions assigned to them.
  • So if a user is allowed to do something over and above what the group can do, the user will be able to do it. And if the group is allowed to do something over and above the specific permissions granted to the user, the user will still be able to do it.
  • If anonymous users are allowed to do something over and above what the user or group can do, the user will be able to do it, (even while logged in).

  • No labels