Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Feedback Request Confluence Public Links

Hello Confluence Cloud admins!
I’m a Product Manager for Confluence Permissions, working on the Public Links feature.

Public links allow Confluence users to generate a URL to share a view-only version of any Confluence page to anyone on the internet with the link.

We had released the feature to some customers in 2021. Since then we have received some great insights on feature enhancements that are underway. Now we are looking to improve the feature specifically informed by your needs!

Help shape our feature:
Is this something you would use in your organization? What are the basic must-have security controls that would give you confidence in using the Public Links feature? We specifically want your feedback to the below examples, but also open to hearing any other needs:

  • product admin ability to block a specific space from having public pages
  • product admin ability to block a specific page from being public
  • product admin ability to see a list of spaces that allow public pages, even if there are no active public pages
  • space admin ability to block a specific page from being public

25 comments

Comment

Log in or Sign up to comment
Gabriel
Contributor
March 17, 2023

Hey @Nidhi Raj

All of the above for sure and maybe being able to configure who (users) can create public links.

Thanks!

Like # people like this
Muhammet Ayal
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
March 17, 2023

Crucial feature. All items should be :D 

Like Nidhi Raj likes this
Andy Gladstone
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 17, 2023

Admins should have a view of all pages that have been shared with Public Links. Not just to know which spaces/pages can be shared, but a dashboard that shows every page that has been shared publicly. 

Only the page content should be shared. No side bar. No menu bar. No detail of who has contributed or edited a page. Just the page content. 

Like # people like this
Nidhi Raj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 17, 2023

Thank you for your input! We're actively noting your feedback, so keep them coming! 

Eugene Blignaut
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 17, 2023

I think those features will be really useful as you sometimes want to share content without making the page public. 

Like # people like this
Tomislav Tobijas _Koios_
Solutions Partner
Solution Partners provide consulting, sales, and technical services on Atlassian products.
March 19, 2023

A list of all shared pages within the site would be a really (if not the most) useful feature for this + all the things that are mentioned in the original post.

As for the visibility of the items, I guess things like the sidebar or menu don't need to be visible. However, in some cases, it would be nice to know the page creator/editor - this could, potentially, be something that could be configured while creating a public link. (it's more like a nice-to-have than a need-to-have option)

💡 One more thing regarding integration - it would probably be cool if this feature would be integrated with Beacon so alerts are made if big number of public links are created within a small amount of time (or by the same person).

Like # people like this
Hadi Hormozi
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 19, 2023

Space admin can set expiry date for public links;

Space admin can set expiry for the link after specific number of page load;

Like # people like this
Christoph Schaub
Contributor
March 19, 2023

your original list, plus the request from Andy Gladstone and Hadi Hormozi. Plus ability to see what page is shared with whom and be able to block users. Or in an other sort order, see what users can see what content (links). This should be colapsed by mail domains of the users. 

To be able to share content externally must be a separate authorization for a person.

I even would like to see a feature where the Site Admin can set the rule how many month until re-validation (up to 12). By then, once a month, the person granting the access will get a list of users he shared content with and can checkmark. Either he prolongates the access, have the external confirm his continous need or reject it. Such an access should never stay longer than 12 month without revalidation.

Like # people like this
mb
Contributor
March 20, 2023

All of the original bullet points + the suggestions by Andy Gladstone and Hadi Hormozi.

Like Nidhi Raj likes this
Richard Turnbull
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 20, 2023

Option to share child pages of the page would be good also (we are using the External Share plugin currently which has this option).

Thanks!

Like # people like this
Geetanjali Sharma
Contributor
March 20, 2023

There should be an option to set the visibility for certain duration (may be a date/time format) after which links will remain visible but not accessible and can be accessed after taking prior permission from the owner or admin.

Like # people like this
Joshua Mathews
Contributor
March 20, 2023

Approval: I don't mind if anyone generates it but I'd love to have a fixed set of employees who can review the content and approve/deny accordingly. 

Notification: If approvals is not likely, at least a notification so it can go be reviewed (maybe a daily report of all links). 

As Hadi Hormozi mentioned, expiration dates set by admins. 

Like # people like this
Steven Rhodes
Contributor
March 22, 2023

Site admins need to be able to remove the public links, and also have the option to be notified when someone creates a public link. 

Like # people like this
Nidhi Raj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 28, 2023

Hi Confluence Cloud Admins!


Thank you for your continued engagement, your input has certainly helped us make several decisions already. One other that I would love to hear from you on:

Commonly, products allow users to share with little to no friction. In Confluence, we prioritize trust. We plan to introduce the warning dialog below when an end user attempts to turn on Public Link for a page and allow them to dismiss it if they wish to.

Would love to hear your thoughts regarding the warning dialog for end users - is it needed? Any thoughts on the dismissibility?

Screenshot 2023-03-28 at 8.56.31 AM.png

Like Kalin U likes this
Gabriel
Contributor
March 28, 2023

Hi @Nidhi Raj

As much as we want to trust our users, I think this feature would automatically be rejected or disabled by your enterprise-level customers.

Just my 2 cents ;)

Cheers!

Like # people like this
Steven Rhodes
Contributor
March 28, 2023

I like the dialogue, but users are not the guardians of security. They will do what they need to do to share something. Users cannot be trusted. They will click "Dont show me this again" and share things. But its a good feature as long as sysadmins have are notified and have a list of shared pages they can revoke.

Like # people like this
Tomislav Tobijas _Koios_
Solutions Partner
Solution Partners provide consulting, sales, and technical services on Atlassian products.
March 28, 2023

Regarding the warning dialog, I agree with what @Steven Rhodes said - it's a good 'nice-to-have' feature and I believe users should be prompted to confirm that they want to share the page externally/turn on public links, but the important part is that admins have full control over this feature and clear visibility of what is shared together with an option to turn on some kind of notification whenever the public link is created.

Like # people like this
Wayne_Reilly
Contributor
March 29, 2023

I agree with Steven. I'd like to see that only admins or selected users could be the only ones who can share links. Definitely need the confirmation box. Also I'd like as an admin to know who has shared what with who in a report and an ability to revoke the shared link. Having a feature where there is an expiry date is a must.

Like # people like this
Bikash Pokhrel
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 29, 2023

I agree on @Steven Rhodes and @Wayne_Reilly's comment above, here are few feedback from security standpoint while considering this new feature.

  • Alligning this to the internal data classification policy - Confidential, internal and public, the public link can apply to share the data that can be classified as public.
  • The view only version disabled with all other navigation controls (hidden or not shown).
  • Product admins ability to be notified when a public link is created and ability to revoke whenever required
  • Space admins ability to add or block a specific page from being public, with product admins ability to see what has gone public.
  • Time-Based access: Product admin/space admins ability to turn the public link only for a specific period/days that will prevent access to the page beyond certain period.
  • Some other nice to have security controls if its feasible such as Password protection, 2FA, Role based access (authorised users only to access the page), IP Address restriction.

    Recommendation to the Confluence Permission team to ensure that the feature is designed with security in mind and with the collaboration of security professionals to assess potential risks and identify further security controls required to mitigate these risks.
Like # people like this
Wayne_Reilly
Contributor
March 29, 2023

From one of our team: 

A functional requirement for me would the ability to download attachments (templates) contained in the page. E.g. People engaged in change enablement able to download the RFC template that is embed/attached to a confluence page.

Like Nidhi Raj likes this
Nidhi Raj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 29, 2023

Such great feedback, thank you all so much! While we may not be able to get everything in our first iteration, you can know that our intention is to incrementally rollout value to you. Please keep the input flowing, we really value your time and suggestions! 

Like # people like this
Sunitha
Contributor
March 30, 2023

Great to see the progress on this feature.

I second with @Bikash Pokhrel security features are Key when content is shared to public. Admins should have full control while sharing the pages in addition to the notification when someone views, downloads..etc. 

Like Nidhi Raj likes this
Nathan Sharratt
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 27, 2023

Yes, this would be extremely helpful for us to create self-help guides for customers that can also be part of internal training spaces so we keep our single source of truth going!

Like # people like this
Annette Herzog-Lang
Contributor
June 21, 2023
  • all the things that are mentioned in the original post
  • better formatting (some panels are shown on the public page, some aren't)
  • set an expiry date
  • get a list of all public links for admins
Like # people like this
Nidhi Raj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 7, 2023
TAGS
AUG Leaders

Atlassian Community Events