Difference between Atlassian permissions and confluence permissions

I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 27, 2021



I am reaching out because we are setting up our confluence and had a few questions.


Attached are two screenshots below:Screen Shot 2021-07-27 at 3.52.21 PM.pngScreen Shot 2021-07-27 at 3.52.33 PM.png


The first screenshot is a screenshot of someones account and I have selected roles to view their access. You can see there are 3 roles, Basic, Trusted, and Site Admin. How do these relate to permissions on Confluence as this is from Atlassian.

As you can see in the second screenshot, this is a screenshot of the global permissions. How do these these permissions relate to the role/permissions in Atlassian? I can see different groups in this, including trusted users, site admins, admins, and the specific team groups we created. How do I delete one of these groups? And why do not all of these groups show up in Atlassian (in individual profiles like the first screenshot).


How are global permissions on confluence related to specific profile permissions on Atlassian? 


I hope this made sense, let me know. 

2 answers

0 votes
Soledad Lamas August 28, 2023

@Esther Strom Hi Esther, do you know if there's a way to edit the Basic Role? (so I can add a product to the list)


Esther Strom
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 29, 2023

@Soledad Lamas - the Basic role is applied to each user individually; it doesn't grant default access to products. In fact, the opposite - giving a user the Basic role means they can only access the products that you have toggled for them on their user profile.

If you're looking for a way to give automatic access to products, you can use groups for that. There are several groups that exist automatically (like jira-software-users and confluence-users); adding users to that group will automatically give them access to Jira or Confluence, respectively. 

You can add additional groups as default access groups, so that adding users to the group will grant them access to the products. Documentation for how default access groups work is here.

Soledad Lamas August 29, 2023

Oh okay. Thank you @Esther Strom 

Currently I have the confluence-users group as the default one and still new users don't have access to Confluence. In the other hand, jira-software-users is another default group and it works fine for new users (they have access to Jira automatically)

Right now, the process to give them access is: 

New user logs in, automatically has access to Jira, then I have to go to the admin page, turn on the Confluence switch (pic) and only then the user is added to confluence-users group.


I'm still not sure what I have to do to avoid the last step.

0 votes
Esther Strom
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
July 27, 2021

@matt.hoch Welcome to the Community!

The first shot you provided is a user's instance-level permissions. The roles you're referring to (Trusted/Basic/Site Admin) determines if a user is "just" a user, or if they have a limited set of admin permissions to your entire site (including all of your products - Confluence, but also Jira if you have it.) Someone with Trusted permissions can do things that affect your bill - i.e. invite new users, add new Atlassian products, install plugins, etc, but don't have full organization admin rights (they can't change your billing contacts, change other users' access, etc.) See point 5 on this documentation page. This user profile is also where you determine which products your user has access to - Jira, Confluence, OpsGenie, Jira Service Management (limited, of course, to the products your company actually owns.)

The second image is your product-level group management. Assuming the user in the first shot has access to Confluence at all (which it doesn't look like they do, as the toggles for the individual products are both off), you'd be able to add the user to any of the groups you see in the Confluence global permissions page by clicking Add to Group button on the user profile:
2021-07-27 15_34_47-Administration - Vivaldi.png


You can then use those groups to provide even more granular access in Confluence, by limiting space permissions based on groups, for example. You have the options available on the Global Permissions page, so for example, members of the Finance group have access to create personal spaces, but not shared spaces. 

You can also, at an individual space's level, set additional permissions using those groups (as well as individual users). 

2021-07-27 15_44_08-View Space Permissions - Esther's Services - Confluence - Brave.png


To delete a group (assuming you have access to do so), go to Groups in the Confluence admin sidebar:
2021-07-27 15_50_04-Confluence - Vivaldi.png

From the list of groups, click through to the group you want to delete, then click Delete Group:
2021-07-27 15_51_00-Administration - Vivaldi.png

Suggest an answer

Log in or Sign up to answer
Site Admin
AUG Leaders

Atlassian Community Events