Confluence access for new user - Can log in, but gets "Not Permitted" when switching to confluence

Looking around, I've seen this problem variously discussed and solved for both the installed and on-line versions. However, none point me to getting my version of the problem fixed.

Implementation Details:

  • I have subscriptions to Jira and Confluence apps only
  • I have created a new user: access is allowed only to Confluence app
  • I have created a new group and placed the new user into it
  • I have permissioned the group for access to specific spaces only

Problem Description:

When user logs in, the following observations, actions, symptoms and problems:

  • User is able to log in
  • Presented with Jira dashboard (even though user is not permissioned for Jira)
  • Selects Confluence
  • Receives message "Administration / Users \n Not Permitted \n You are not permitted to perform this operation"

What I tried:

  • re-indexing: no effect
  • Permissioning user also for Jira access: no effect
  • Chaging default applications for group to include Jira: no effect
  • googling all over, searching atlassian answers, etc: no effect

So, what's wrong with the above? How do I simply create a new user, add them to a new group, and successfully give them access to confluence?

Any and all help appreciated,



4 answers

This widget could not be displayed.

Check the groups enabled for "Browse" in "Global permissions" in Jira.

This widget could not be displayed.

Okay, I'm getting farther, but still am a bit confused about the underlying philosophy here and would like some further pointers where possible.

But first, what I did to get this working:

  • Originally I had the user defined as a member of a single group, which was not the group 'users'
  • Added this user to the 'users' group and everything now works as expected, login- and access-wise

However, what this means is that this individual user now has access to all of the Confluence spaces since by default, all spaces allow access to the group 'users'.

So I'm really confused as to how one goes about making one-to-one permissioning schemes between individual users and individual confluence spaces.

The way I currently understand it then, in order to achieve what I'd like, I need to:

  • Add any new individual user to group 'users', otherwise they can't access Confluence
  • Then, if I want to give them access to only a single Confluence space, I need to remove group 'users' from all other spaces, remembering to do this for every new space that gets created since this access is provided at creation of a new space.

Obviously I'd prefer a different method than to have to re-configure group access for all spaces (not fully knowing the broader implications of this before-hand).

Is there something I'm missing preventing me from doing this in a straight-forward manner?

All advice appreciated.



This widget could not be displayed.
  1. Under Confluence Administration, select General configuration
  2. Go to Global permissions and select Edit permissions
  3. In order to give a group browsing rights, under the Groups heading, search for the group.
  4. Click on Add to add the group. Leave Can use ticked. Grant other rights accordingly.
  5. In order to give a user browsing rights, under the Individual users heading, search for the user
  6. Click on Add to add the individual user. Leave Can use ticked. Grant other rights accordingly.
  7. Click on Save all to save your changes
  8. Note that the group or user must also be accorded rights in a space in order to see any content.

Hi Alice,

I am facing the exact same problem that Richard faced. By adding a user to the Global Permissions page/list, we provide him/her access to all spaces. That's not what we want.

We have synced up the users through Active Directory, which includes contractors. We would like to give them access to certain spaces, not the entire site (all spaces). How do we achieve that?

Any help would be appreciated!



This widget could not be displayed.

Hi All 

i am also having the same issue.

All our users are sync'd via LDAP but we want to provide and external user access to a particular space.

i have created the user and they can log in but get the "Not Permitted" page. 

i have tried various ways from adding individual permissions to the space as well as adding group permissions to the space. the only way to get it to work is to either add the group or individual to the global permissions but this then gives access to all spaces 

Just an update

I was able to resolve this issue via the global permissions section

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

168 views 2 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you