What we want to achieve is for a specific group to only access selected spaces.
I created a GroupA and added UserA to it. Even if I gave 'space' permission in SpaceA to GroupA, UserA still could not access the SpaceA.
But when I added GroupA to global permission, UserA can then read all of Confluence which we do not want.
I also looked into the option of restricting other spaces but this is also not available, I only found restrict page which is not feasible for us to implement because obviously there are lot's of pages.
How do we go about this? Thanks.
Hi Erwin! Let me try to restate your question and see if I understand it correctly.
Your confluence is currently set up so that most or all of the spaces are open to everyone who has access to confluence (global permissions) is that right?
You now want to have a new group of users only have access to a certain space but not any of the other spaces is that right?
Ok so first of all, Group A as you describe it has to have "Can use" global permission checked. if you dont do that they cant access confluence, so dont uncheck that.
second, most likely you have a "default" group called confluence-users that all your confluence users are added to by default to give them access to all the spaces, and most likley all your spaces are set up right now so that the group called confluence-users has access to them (which is why all your "general" users have access to all your spaces).
The most straightforward way to solve your problem is to simply *remove* the users in group A that you dont want to have access to all those other spaces from the confluence-users group. This will "take away" their space-by-space access to all those spaces you dont want them in.
But since they are inheriting their "can use" access to confluence from their membership in this group, this first step will also take away all their access to confluence (including Space A) so we have to fix that.
So next you need to go to the global permissions tab and explicitly list Group A in the groups list there and give them "can use" access.
Then check to be sure that Space A explicitly lists Group A as having permissions (under Space admin) and I beleive this will give you what you want.
As you add new users for Group A you just need to be careful to be sure they arent added to confluence-users b/c that is prob your default.
Others can double check my answer here to be sure I havent missed/mis-stated anything.
Let me know if this answers your question and more importantly if it works for you :)
Thanks to all the replies! the main issue was we were allowing Anonymous access to confluence, once I removed that, I had no issue giving out specific access to specific spaces.
We have a technology supplier accessing our spaces, and I also want to restrict them so they can only see one space by default (without having to introduce a ton of other restrictions on new and existing spaces). I tried removing them from confluence-users and adding them to a group with permission to access the space separately, but when they logged onto Confluence the site was obviously broken - they were pushed to JIRA by default and the usual drop down to switch to Confluence was broken (with a "something went wrong" message).
Have you had a similar experience in the past?
what do you mean by global permission and space permission ?
User A needs the global permission to login to confluence (usually group "confluence-users") and the local space permission to read / write / ... pages in the space.
I attended Atlassian Summit 2019 and learned a lot from the presenters, attendees and knowledgeable Atlassian product managers. The presentations I attended focused on applying Agile, pla...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events