Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can i set page restrictions (read, update) with Confluence Server REST API v6.3+ ?

Vincent Blain
Vincent Blain December 22, 2017

Hi.

I previously use the deprecated method with a SOAP client to get, or add, or remove page restrictions for given groups or users. Everything seems normal until i get a risky behaviour when i add a page restrictions with a more complex vector permission, that combines both groups and users. Like this :

var vectorPermission = {
    "permission_1": {
        "type": "View",
        "groupName": "group1",
        "userName": null
    },
    "permission_2": {
        "type": "View",
        "groupName": "group2",
        "userName": null
    },
    "permission_3": {
        "type": "View",
        "groupName": null,
        "userName": "user1"
    }
};

So i choose to give up this method and use REST API approach, but i can't find a method to add, update or remove page restrictions with Confluence Server REST API. The method seems to be only exists with Confluence Cloud REST API (https://developer.atlassian.com/cloud/confluence/rest/#api-content-id-restriction-post)

And the "experimental API" approach doesn't work in Confluence 6.3+

PUT https://confluence/rest/experimental/content/<id>/restriction/byOperation/read/user?userName=billgates

 If you have an idea, tank you in advance,

Answer
Watch
Like # people like this
10577 views

3 answers

1 vote
Hasnae
Hasnae
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 28, 2017

From what I see, this feature is unfortunately not supported yet on Confluence Server.

We only support GET and PUT for /content/<id>/restriction/byOperation/<operationKey>/user

In this case PUT will update (and replace the restrictions, which is not your use case)

The experimental api does have a POST method applied to the following resource

/content/<id>/restriction and the payload is similar to what the GET method would return

* Accepts same input format as the response of GET to the same resource would return.
* <p>
* E.g.
* <div class="exampleRequests">
* <p>Example request (simplified)</p>
* <pre>{@code
* [
*   {
*     "operation": "update",
*     "restrictions":
*     {
*       "user": [
*         {
*           "type": "known",
*           "username": "admin"
*         }
*       ]
*     }
*   }
* ]
* }</pre>

To use with care, as it may change once it is promoted out of experimental.

Hope this helps 

View More Comments
gurgen2727
gurgen2727 April 25, 2018

Hi

 

is there a way now  ? I need this , please help me ? 

I need to remove all user permissions per page and only add permissions for specific users ? how to do that using REST API  ?

Like
Bill
Bill October 10, 2018

+1 for this question

 

The endpoint mentioned in the comment from @viqueen doesn't even exist in the API.

(/content/<id>/restriction/byOperation/<operationKey>/user)

 

/rest/api/content/123456789/restriction/byOperation/read/user

With a PUT, I get a 404 on this endpoint.

{
 'read' :{
   'operation': 'read',
   'restrictions': {
     'user': [
       {
         'type': 'known',
         'username': 'johndoe'
       }
      ]
    }
  }
}

How are we supposed to restrict page read access to a specific user in an automated way?

Like
fwoon
fwoon May 28, 2019

Since atlassian team cant be bothered to reply....let me do their job for them

url = 'https://your-confluence.com/rest/experimental/content/{id}/restriction'
headers = { "Accept": "application/json", "Content-Type": "application/json" }
payload = json.dumps( [
{
"operation": "update",
"restrictions": {
"user": [
{ "type": "known", 
"username": "<string>",
"userKey": "<string>",
"accountId": "<string>"
}],
"group": [
{
"type": "<string>",
"name": "<string>",
}]
}
}
] )

r = requests.put( url, verify=False, data=payload, headers=headers, auth=(username, passwd) )

 Take a look at https://developer.atlassian.com/cloud/confluence/rest/#api-content-id-restriction-put for reference...try to do a get permission on the page first to understand what kinda operation there is...do not use administer as the operation...that's for cloud

Like # people like this
Seiji Fujii
Seiji Fujii August 21, 2019

This is for confluence cloud yes? I think the og answer asked for a server solution, by any means does this work for server as well as cloud?

 

EDIT: just tested it with "experimental" , works like a charm.

Like Ritika Saini likes this
Stan Ry
Stan Ry
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 15, 2020

@fwoon Thanks a ton for this sample! Could you please elaborate on how did you manage to get a clue on what should be the proper format of payload?

Why does the JSON look like:

[
 {
  "operation": "update",
  "restrictions": {
   "user": [
    { "type": "known", 
      "username": "<string>",
      "userKey": "<string>",
      "accountId": "<string>"
    }],
   "group": [
    {
     "type": "<string>",
     "name": "<string>",
    }]
  }
 }
]

How'd you managed to figure out the proper format?

Edit: Figured. You've got the valid format from the output of /rest/experimental/content/{id}/restriction

Thank you.

Like
Stan Ry
Stan Ry
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 15, 2020

Does anyone have a clue on using /rest/access/1/page/restriction/{pageId}/grant/{type:view|edit} API? This API also requires payload, but I can't figure out what should be put in payload...

Like
Matt Keenan
Matt Keenan April 28, 2021

Where did you find out about this entry point ? Is it on Cloud or Server ?

Like
zorruch
zorruch
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 16, 2024

example of using the experimental method:

$ cat test23_2.json | jq .
[
  {
    "operation": "read",
    "restrictions": {
      "group": [
       {
         "type": "group",
         "name": "{group_name}"
       }
      ],
      "user": [
        {
          "type": "known",
          "username": "{user}"
        }
      ]
    }
  }
]


bash:
cat test23_2.json | curl -u {user}:{password} -H "Content-Type: application/json" --data-binary @- -XPOST http://localhost/rest/experimental/content/{id}/restriction


tested on 8.5.6 (datacenter) version

Like
Reply
0 votes
Mohamed Adel
Mohamed Adel
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 2, 2021

I recommend to use Power Scripts for Confluence  , it allows you to create and configure webhooks which you can use to extend the confluence api functionality , 

 

I created a new webhook which which utilize there built-in function : 

removeUserFromContentPermission 

Reply
0 votes
Najjar _Innovura_
Najjar _Innovura_
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
July 14, 2020

Holla

We launched a new app that allows you to create pages from templates and store the page under a location based on project or customfield value through Jira Workflow post-function and store the Confluence page in a Jira customfield to apply more actions like:

Workflow postfuntions

  • Update page permissions
  • Update page content
  • Update page title

Workflow conditions

  • Check if page was modified after a certain status transition
  • Check if page still has a placeholder

And so much more.

Please give it a try, I believe it would streamline alot of repeated effort on your team

Jira Confluence Workflow Extensions (JCWE) 

Give it a try I am confident you'll love it.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events