We have a knowledge base that we want to restrict to our own colleagues. There are only a handfull of people that could actually make changes an contribute to the pages. And about 60+ users that should only be able to read the pages.
Do they all need a confluence license or is there a way around this?
Hi @Rachel
Yes.
Option 1 - Public link. Works for individual pages. Basically, click Share, click Public link (this needs to be enabled for space). This way, that page will be accessible to anyone with the link. Viewing only.
Option 2 - Guests. You can invite people from outside of your Atlassian Org site* as Guests to your Confluence. You can assign various permissions to guests, so they can view, or edit etc. One guest can access only one space. Guests typically do not count towards your license and you can invite up to 5 guests per one paid seat.
*You can invite anyone as a guest but ToC say it can't be a member of your own org. Up to you :)
Option 3 - Scroll Viewport. This app can create a website from your Confluence content. You can protect access to the site with your company's SSO independently of Confluence seats. Ideal for internal docs sites, intranets and such. Viewing only.
In all scenarios your space remains closed to anonymous access.
So, it actually can only be done by using a public link. But that does mean that the whole world and anyone can view the space right?
I would like to restrict it so that only users from our organization can view the space. with some of those users being able to edit the space.
I'm sorry but i find it rather difficult to understand how the restrictions work in confluence. Also I can't find a clear explanation by Atlassian on how the restrictions work. (if you or anyone has one, please share :) )
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Rachel
If the content is for your employees users, that, of course, disqualifies the Public Link option. I someone sends ME a public link, I will be able to see the content of that page and you don't want that.
Let's consider two scenarios. Say it's 15 people who write the content and 60 more who only read it.
Here's the overview of the two possible setups.
Option 1
You have a Confluence license for 75 people. You, as an admin, create two user groups:
Contributors group has editing rights for the given space where they author the Content.
Readers group only has View access.
Your Confluence space remains protected and is not open to anonymous access.
Option 2
You have a Confluence license for 15 contributors. They have full access to the content space in Confluence.
Using the Scroll Viewport app, you create a static site that you set up to be accessible only via your company SSO (such as Okta, etc.) or using tokens (refer to Viewport docs).
Your 60 employees who only need to read the content would access the Viewport site using their SSO login. They won't be able to access Confluence itself.
Your Confluence space remains protected and is not open to anonymous access.
-----------------
P.S. There's also Confluence Guests but they cannot have a seat on you Atlassian Cloud - they do not count towards your Confluence license.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I came across this thread when looking for other information and thought I'd chime in. It is possible to configure unlicensed access for internal users by following the process outlined in this Atlassian documentation.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You are correct, the JSM method does work . However, as it relies on opening up Confluence permissions and on integration of Confluence spaces with JSM. Which might not be the option for everyone.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
That's a good call! And is actually something I'm encountering now with a setup I'm doing. If you expose confluence spaces using this method, then anyone with access to JSM will have access to the spaces. So some limitations to keep in mind.
It would be nice if Atlassian enhanced this feature for unlicensed Confluence access with an additional layer of access security by group membership.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I generally don't like the idea of anonymous access to Confluence spaces (here's one of the reasons), which is why I like Scroll Viewport.
It decouples your Confluence content from Confluence permission while you retain the control over what, how, and where appears on the public site. And you can also put your Viewport behind SSO which gives you even more access control options.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.