Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Introducing User Access! Where admins can audit + troubleshoot permissions (all paid editions)

October 10, 2024

 

Hi Confluence admins,

 

John here with another update: we've released the new User Access feature to customers on our Standard, Premium, and Enterprise editions!

 

This is a new location where admins are able to download a CSV that lists all of the spaces that a selected user or group has access to, as well as if they have admin permissions for each respective space

Customers on our Premium and Enterprise plans will also be able to leverage the existing Inspect Permissions functionality in a new, centralized location here to further help with troubleshooting any permissions questions.  

 

UA hero.png

 

How to use it

First, navigate to the Confluence administration page but clicking on the gear icon in the right side of the top nav to reach the Confluence administration area:

top nav entry.png

Next, click on the User Access item in the side nav, and you'll land in the feature where you can select which user or group you'd like to review the permissions of:

UA land.png

 

Once you've entered the user or group that you're interested in, you can then download a CSV that contains records for each space that the user / group has access to:

UA download.png

 

Also, customers on the Premium or Enterprise edition of Confluence can review whether the user / group has access to a specific piece of content as an editor, commentor, or viewer, plus the various levels of permissions that are responsible for their current access or lack thereof: 

UA IP.png

 

 

FAQs

What information is in the report?

The report includes:

- metadata for each space (ID, name, key, type, status)

- the user / group's access level: the values for this column are 'admin' and 'user'. The 'admin' value represents if the user / group has admin permissions for this space. 'user' represents if the user / group has access to the space but does not have admin permissions for it.

 

And then only when a user (so not a group) has been selected: 

- what access level has the user been granted as an individual user for each space

- what access level has the user been granted via the groups that they're a part of for each space

 

What Confluence editions have access to this feature?

Customers on Confluence's Standard, Premium, and Enterprise editions all have access to this new feature. The lower component of it, the ability to inspect permissions of a specific piece of content, is only available to customers on Confluence Premium or Enterprise

 

Does this feature allow me to see access to spaces / content items that I don't have access to (along the lines of the Admin Key feature)?

It does not. The feature currently only includes information about entities that you as a user already have access to. However, we are continuing to evaluate whether all spaces and content items should be included in the information, so please let us know if you have a preference here either way.

 

When can I start using this update?

The rollout of the feature has been completed, and it's available to be used now!

 

 

As always, please let us know if you have any questions or feedback with comments here or by scheduling time to chat with me here

Comment
Watch
Like # people like this
1005 views

9 comments

Comment

Log in or Sign up to comment
Rita Nygren
Rita Nygren
Contributor
October 10, 2024

I was excited, then I saw it was not actually giving us aggregate space permissions, just if someone was a user or admin.  Will watch for future updates, heading in the right direction.

Like Sue Lund likes this
Justin Deutsch
Justin Deutsch
Contributor
October 10, 2024

As an administrator investigating why a user doesn't have access to something, this functionality is a great addition!

Please add the ability (possibly as a separate permission) for a user to be granted access to use this feature to check any page, even if they don't have access to the page itself. Granting this type of access isn't really any different than having admin privileges and being able to review the restricted access content, it would just make finding the information for a particular user or group much simpler!

Like # people like this
Hana Kučerová
Hana Kučerová
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 12, 2024

+1 @Justin Deutsch 

Like
Steve Rhodes
Steve Rhodes
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 16, 2024

@John Hooper Does this export give me a list of spaces that the user has access to, even if i dont have access to that space? I don't need access to that space but knowing the permissions that they have is essential. Even if this would only be available to org admins. As an admin I dont need access to the space but surely for a security audit I would need to know the names of the spaces they can access, and the rights they have on it? (And no, this is not a premium feature, just common sense).

Like
John Hooper
John Hooper
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 21, 2024

Thank you all for the feedback!

 

@Rita Nygren - could you please explain more on what you need by 'aggregate' space permissions? Is like all users with admin permission for all spaces, for example?

 

@Steve Rhodes - great question. We initially rolled out with only the ability to see a user's permission for spaces that you have access to as a user, but we are considering expanding that to include all spaces (even the ones that you don't have access to) either as a default or as a toggle that could be chosen. Sounds like it'd be helpful for you to have access to all spaces. 

Like
Rita Nygren
Rita Nygren
Contributor
October 21, 2024

Sure!  I need all spaces in my instance, and all Groups and Individuals with permissions within each space, and all permission types. 

We manage access via our enterprise Identity provider groups (that get sync'd to Atlassian), and I would need to know if there were individuals who had, for instance, admin rights for a space when I do an audit.  Or if if some major changes are expected for a group, which spaces would it affect (and what permissions does the group have on each space).  Or which groups/individuals are allowed to add blog posts on which spaces (I just migrated a bunch of spaces into our primary, and blogs don't migrate - it's on my mind).

Thus far, I've been asking Atlassian's support crew to create these reports, which I then manipulate in excel (mostly by pivot charts) until I have a spreadsheet near identical to the GUI for permissions, but also had every space in it.  I would be much happier (and so would support) if I could just run this report myself at need.

 

Like
John Hooper
John Hooper
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 4, 2024

Thanks @Rita Nygren !

So a practical example of the report you need is:

- each user has a unique row within the report for every space in your site

- there is a column for each type of permission (ex: admin permission, add blog permission)

Is that correct?

Also, would love to chat through this with you live if it's easier / more helpful: 
https://calendar.app.google/y84CCxGUxAxixaZu5

Like
Sue Lund
Sue Lund
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 7, 2025

This is nice!  I've been looking for something like this.  The only thing missing is an indication that the user is a guest user.  

Like
Almuth Boehme _Communardo_
Almuth Boehme _Communardo_
Contributor
January 13, 2025

Great for auditing group usage!

Like
John Hooper

John Hooper

Atlassian Team
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.

About this author

Product Manager

Atlassian

San Francisco

83 total posts

View profile
groups-icon
Confluence Cloud Admins
TAGS
AUG Leaders

Atlassian Community Events

    See all events