Currently we are developing a cloud application. We would like to use Confluence Cloud for creating help pages for our own cloud application. We would like to create 2 spaces in Confluence. 1 space with internal documentation, user login is required for this space. The other space will contain the help text for our cloud application. Users that are logged on to our cloud application need read only access to this help space and are allowed to see everything in this space. But we do not want our help pages to be visible publicly from the internet. We do not want the users from our cloud application to have to login to be able to view the help text. But if we use anonymous login, then the space is visible to the world, which we do not want. Is it possible to create a generic help_user with read access to the entire Help space, and use a simple API to automatically login to confluence from our cloud application? A SSO solution is to complex. We do not want to have to setup a new user on confluence, every time our customers add a new user in our cloud application.
your generic help_user will not help them - then they have to sign on either as themselves or as the help_user and then the generic help_user effectively becomes anonymous access as there is no prevention of the User remembering their log in after they leave your client's company, or posting it on facebook or wiki-leaks ...
Making sure each User has their own account ensures you have control over revoking their access when needed and gives them a sense of "confidentiality" and the "prestige" of being a trusted person - it is worth it!
The simple answer is grant your Users access to the two Spaces on the Cloud instance - they would only have view access to pages in the "Help Space".
One way of doing that is giving the Help Space access to the group "All Confluence Users" so every new User automatically is included in that group.
You can try to use Oauth as explained in below tutorial:
Otherwise you can also use basic authentication or Cookie authentication (but this last one is at the moment affected by a bug tracked in: https://jira.atlassian.com/browse/JRA-63867 in this case you can use basic auth, intercept the cookie and then use it to authenticate the subsequent requests):
Atlassian Cloud Support
How can i use the cookie from the basic authentication to authenticate the future requests?
here is the response i received in my back end from confluence
curl -D- -u test:test123 -X GET -H "Content-Type: application/json" http://172.18.20.8:9090/rest/api/2/issue/createmeta
Set-Cookie: JSESSIONID=E93E362BD9F2CEA1922ABA486D130BAD; Path=/; HttpOnly
Date: Fri, 04 Jan 2019 17:55:51 GMT
How can i use this cookie to authenticate and launch a confluence url accessible to the user "test"?
Hi team, I’m Avinoam, a product manager on Confluence Cloud, and today I’m really excited to let the Community know that all customers can now try out the new editing experience and see some of the ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs