Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Guest Users in Confluence: Free Collaboration or Admin Nightmare?

April 16, 2026

Inviting Guests to your Confluence party sounds great but there are house rules. Let’s look at dos, and don'ts to ensure that collaboration happens and the admin stays happy.

WDOC#120_Got to keep the guests right on the path.jpg

Say you’re working on a customer success story with a client. Or you’re developing a new feature and need to work with contractors. Either way, your team needs to bring a couple of external people in to collaborate on an article in Confluence.

Adding outside collaborators as guests is a no-brainer for any paid Confluence tier. Guests are essentially free users. Free as in ‘you don’t have to pay for their seats'. Sure, there are limitations but you can add up to five guests per one paid seat. Let the new era of collaboration commence! But your admin is probably less thrilled.

Let’s find out how to keep the project going and the admin sane.

Guests: The Math

A small team of 10 people who are about to change the world may add 50 guests. That’s an incredible money-saving measure for any startup! And it can be manageable.

Let’s move things up a notch. Now you have a site with 1000 users. That means 5000 potential guests. Managing 1000 carefully provisioned users is one thing. Managing even 1000 guests is what admins' nightmares are made of. And before you ask if it scales… yes, it does, unlike an admin’s stress tolerance, all the way up to the 150K-user limit per a Confluence site.

WDOC#120_Confluence_Guests_2@4x.png

Define the Guest's Role

The guest role was designed to enable ad hoc collaboration of teams with outsiders. Not to get a free ride. Although…

Anyway, before you invite a guest user, the following best practices will help you develop a manageable workflow.

  • Define the project guests will participate in.

  • Determine the Confluence space the guest will access. Guests can only access a single space at a time. Do not hesitate to create an ad hoc space just for this specific collaboration.

  • Determine the guest’s permissions within that space. Don’t forget to check the marketplace apps' settings.

  • Time frame – beginning and the planned end of the project.

  • Responsible user – someone who will either remove the guest or inform the admin when it’s time.

By the way, Confluence Databases would work exceptionally well to keep track of project guests.

Onboard guests

An informed guest doesn’t have to guess what is expected of them and how they can get around. Especially if they haven't worked with Confluence before.

Guests should know who to contact when they need help. We recommend having a single point of contact within the inviting team. That dedicated person can then raise any requests and report any issue to your Confluence admin.

More on this in a bit.

Time To Say Goodbye

WDOC#120_Confluence_Guests_Franklin6@4x.png

The project is closed, the guests checked out but they never left. Because nobody closed their zombie accounts.

  • Done Project Amnesia: The contractor finishes the job, the project manager clicks done, everyone celebrates, but nobody remembers to submit a ticket to revoke the guest's access.

  • Just in Case Paralysis: A guest hasn't logged in for six months but what if….???

  • The Missing Expiration Date: Guests often join ad-hoc. So they are not processed in the same way as regular users for whom an IT kill switch is triggered by Human Resources.

In some companies, this would create chaos. For others, those zombie accounts may trigger legal issues.

Compliance Has the Final Word

Security certificates like ISO 27001:2022, SOC 2 Type II, and similar frameworks do not inherently forbid the use of Confluence guests. But they do make the process incredibly demanding.

Here is what those frameworks actually require when it comes to external users:

  • Justified Access: You must prove exactly why the guest needs to be there.

  • Documented Onboarding: The approval flow must be recorded and trackable.

  • Flawless Offboarding: The moment the relationship ends, access must be revoked and logged.

Because this level of maintenance is exhausting and prone to human error, Confluence admins often use the certification as a convenient excuse to block guest access altogether.

The golden rule: Always check with your Compliance or Legal department regarding internal policies. Your admin's job is to protect the system (and their own sanity), so they are naturally biased toward saying no.

Comment
Watch
Like # people like this
108 views

5 comments

Rune Rasmussen
Rune Rasmussen
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
April 16, 2026

Very nice article. And Benjamin Franklin quote.

The poor management and control over guest access is why we have opted to not allow it at all.

Like # people like this
Kris Klima _K15t_
Kris Klima _K15t_
Community Champion
April 16, 2026

Thanks @Rune Rasmussen !

Like
Josh
Josh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
April 16, 2026

@Kris Klima _K15t_ given the trend of your articles pointing out overbearing Atlassian admins, it has me wondering about what admins you've worked with and which one hurt you so much. 🤪

Confluence admins often use the certification as a convenient excuse to block guest access altogether.

Not all admins are looking for excuses. The better ones will advise on considerations like ISO / SOC and help guide users to solutions that meet their needs while avoiding regulatory / legal / audit / security issues.

The golden rule: Always check with your Compliance or Legal department regarding internal policies. Your admin's job is to protect the system (and their own sanity), so they are naturally biased toward saying no.

It almost sounds like you are suggesting ignoring or excluding admins in this discussion. Ideally, the admins would bring in Compliance, Legal, and Security teams for these situations to ensure there is organizational alignment.

Like Kris Klima _K15t_ likes this
Kris Klima _K15t_
Kris Klima _K15t_
Community Champion
April 16, 2026

@Josh 

Yes, it's tongue-in-cheek, and I do admint it may sound as foot-in-mouth :D 

My admin days go back to Server, I always had a hotline to Legal or Compliance, sat down compliance folks to prepare reports for auditors etc.

In the Free Confluence piece, the message is to experiment, practice, and learn outside of Confluence.

With Guests, as @Rune Rasmussen points, the management is not ideal. If you need to weight complexity of making guests happen against the backdrop of regulatory requirements, of course the response is NO when the effort is greater than benefit.

But there's another aspect of this - users' discipline, or lack thereof. Ignoring internal rules and  internal policies inevitably pushes admins to ban guests purely to avoid chaos. So you can see this as an appeal to users to adopt best practices and listen to admins ... or face consequences.

Like Josh likes this
Josh
Josh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
April 16, 2026

@Kris Klima _K15t_ You had me 🤣 at the foot-in-mouth part.

Valid point regarding user discipline and the potential repercussions of not having it! Much better to treat admins as a partner than an adversary. Ultimately, both people should be working towards the same goal of serving the customer and advancing the company.

Like Kris Klima _K15t_ likes this

Comment

Log in or Sign up to comment
Kris Klima _K15t_

Kris Klima _K15t_

Community Champion

About this author

43 accepted answers

361 total posts

View profile
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security