Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Alert/Monitor if a confluence page is made public

Alagu Jeeva M
Alagu Jeeva M
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 7, 2024

Hello Everyone,

To increase the security of the confluence, we want to be notified/alerted if any of the confluence page/wiki has been made public. Can you please help us how we can achieve this?

We want this to happen in real-time!

Thank you for your support in advance!

Answer
Watch
Like Adam Bang likes this
205 views

2 answers

0 votes
Barbara Szczesniak
Barbara Szczesniak
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 7, 2024

@Alagu Jeeva M Welcome to the Atlassian Community.

Please review this page (https://support.atlassian.com/confluence-cloud/docs/how-secure-are-public-links/) for information on how to configure notifications for when public links are created.

Reply
0 votes
Ugnius Aušra
Ugnius Aušra
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 7, 2024

Hello @Alagu Jeeva M 

Yes there's some solutions to this situation:

Audit Logs:

 

Confluence's audit logs can provide information about changes in permissions or public access settings on pages. You can use filters in the audit log to track when a page is made public and set up webhooks or external scripts to check these logs periodically and trigger alerts.

Automation with REST API:

Use Confluence's REST API to regularly check page permissions. For example, you could write a script to scan pages for public access and notify you if one is found. This script could be run on a schedule (e.g., daily) and notify you via email or your preferred communication channel if any pages are publicly accessible.

Atlassian Access and Integration with SIEM:

If your company uses Atlassian Access, you can integrate it with a SIEM (Security Information and Event Management) solution to monitor security-related events across Confluence. This integration can help detect changes in page permissions.

 

View More Comments
Alagu Jeeva M
Alagu Jeeva M
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 11, 2024

Hello Ugnius,

Thank you!
Can you please share the link to the API docs for this purpose?

I tried Get pages from this link https://developer.atlassian.com/cloud/confluence/rest/v2/api-group-page/#api-group-page, I am not seeing any content related to the page visibility.

Also, can you please share the permission required for the API user?

Thank you!

Like
Ugnius Aušra
Ugnius Aušra
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 11, 2024

@Alagu Jeeva M 

To check page visibility, the Confluence Cloud REST API doesn’t directly provide an endpoint that explicitly shows a page’s public or restricted status. Instead, you can use the Content Permissions API to retrieve permissions for a given page and verify if it’s accessible by anonymous (public) users. Here’s how to do it:

  1. Retrieve Permissions for a Page:

    • Use the Get restrictions for a piece of content endpoint: Get content restrictions.
    • This endpoint allows you to get restrictions (permissions) on a page and determine if it has specific restrictions applied or if it’s available to all users, including anonymous users.

  2. Required Permissions for API User:

    • The API user must have Space Admin permissions or Confluence Admin rights to retrieve content permissions. Admin rights ensure access to view permissions across spaces and pages, necessary for auditing page-level visibility.

  3. Suggested Approach:

    • After retrieving page permissions, you can check if there are no restrictions set, which would imply that the page might be accessible publicly if the space permissions allow it. Cross-check space permissions to verify if anonymous access is enabled for that specific space.

Best regards,

Ugnius

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events