Unable to deploy "Atlassian Confluence Audit (via Codeless Connector Platform)"data connector

Hi @Hasan Fakher ,

The 401 Unauthorized on the audit log endpoint (/wiki/rest/api/audit) is almost always a scope or permission problem. 

The Atlassian Confluence Audit (Codeless Connector) connector uses the old v1 audit log API (/wiki/rest/api/audit), and that endpoint does not respect the newer granular scopes like read:audit-log:confluence. It only works with the classic scope VIEW_AUDIT_LOG (or being a full Site Admin).

1) Use classic scopes (not granular) for the API token

When creating the API token for the service account:

• Go to https://id.atlassian.com/manage-profile/security/api-tokens
• Create token → Choose Classic scopes
• Add the scope VIEW_AUDIT_LOG (and VIEW_AUDIT_LOG for Jira if you also use the Jira Audit connector).

2) Make sure the service account is Site Admin (or Org Admin will do)

The v1 audit endpoint still requires Site Admin rights in many cases, even with the classic scope.

• Go to admin.atlassian.com → Directory → Users → find the service account → Groups → add it to site-admins (or make it Org Admin if you prefer). :)

3) This is optional but you can keep granular scopes for everything else

• You can have two tokens on the same service account: one with classic VIEW_AUDIT_LOG (used only for the Azure Sentinel connector) and another with your granular scopes for normal integrations.

After regenerating the token with the classic VIEW_AUDIT_LOG scope (and confirming Site Admin), go back to Azure Sentinel → Data connectors → Atlassian Confluence Audit → Add organization → paste the new token → it should pass the connectivity check.

I hope everything works out well for you!

Best,

Peter