Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

rest api: access to new page (unpublished, never published) forbidden 403


Hello, I want to work with attachments - via REST API - at new confluence page. (Never published.)

URL of such page:

Result - http 403 - forbidden. (Or 404 not found.)

I tried:

POST /rest/api/content/109215748/child/attachment?status=draft ... 403 forbidden
POST /rest/api/content/109215748/child/attachment ... 404 not found
GET /rest/api/content/109215748?status=draft ... 403 forbidden
GET /rest/api/content/109215748 ... 404 not found
GET /rest/api/content/109215748/child/attachment?filename=xxx ... 403 forbidden
GET /rest/api/content/109215748/child/attachment?filename=xxx&status=draft ... 403 forbidden


We call confluence REST API from addon running in Tomcat - signing via JWT.

"scopes": ["read", "write", "delete"]

Also tried with

"scopes": ["admin"]

The same calls on published page works fine:

GET /rest/api/content/65538/child/attachment?filename=xxx ... OK http 200
GET /rest/api/content/65538/child/attachment?filename=xxx&status=draft ... OK http 200

Both pages (unpublished and published) where created by myself via "+" (blueprint dialog) as empty. (I filled a caption and put a simple sentence.)

More over, after I have published the page 109215748, the same REST APIs started to work.



We are developing plugin Xyz for cloud. (There is already working Xyz for server Confluence.)

The plugin lets users to save data. Data is saved as confluence attachment.

The plugin also lets users to save data at new - never published page.

The plugin Xyz for server-confluence works fine - saving attachment at unpublished page works.
I would like the plugin Xyz for cloud to work fine as well.


Can you help me?

1 answer

1 accepted

1 vote
Answer accepted

For anyone still struggling with this: we managed to retrieve an unpublished page (Draft) by making a user impersonated call ( instead of JWT. Also manipulating with attachments works fine with user impersonation as soon as you append `status=draft` to the url.

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events